Tag: phishing
-
Microsoft Disrupts Major Phishing Operation Targeting Microsoft 365
Microsoft dismantled a major phishing service stealing Microsoft 365 credentials. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/microsoft-disrupts-major-phishing-operation-targeting-microsoft-365/
-
Microsoft shuts down dangerous phishing network
More than 5,000 Microsoft accounts in 94 countries are said to have been compromised via the phishing-as-a-service platform RaccoonO365. Microsoft's Digital Crimes Unit (DCU) has taken down the phishing-as-a-service platform RaccoonO365. According to the Redmond-based company, 338 websites were seized in order to destroy the infrastructure. The criminal network behind the platform, tracked by Microsoft as Storm-2246, has…
-
Brute force attacks hitting SonicWall firewall configuration backups
Tags: attack, authentication, backup, breach, cloud, computer, computing, credentials, data, defense, encryption, firewall, Hardware, login, mfa, password, phishing, software, technology, threat
What are brute force attacks?: Brute force attacks use trial and error to crack passwords, login credentials, and encryption keys. They’ve been around since the beginning of the computer age, yet are still effective. Why? In part because people still use easily guessable passwords like ‘1234’, or their company’s name, or default passwords left on…
-
Microsoft seizes 338 websites to dismantle the fast-growing phishing service ‘RaccoonO365’
Microsoft's Digital Crimes Unit (DCU) has seized 338 websites linked to ‘RaccoonO365’ under a court order from the Southern District of New York. The aim was to disrupt the service's technical infrastructure and cut off criminals' access to victim accounts. RaccoonO365 is a phishing toolkit used to steal Microsoft 365 credentials. This case shows that cybercriminals…
-
New ‘shinysp1d3r’ Ransomware-as-a-Service Targets VMware ESXi in Ongoing Development
EclecticIQ analysts assess with high confidence that ShinyHunters is expanding its operations by combining AI-enabled voice phishing, supply chain compromises, and leveraging malicious insiders, such as employees or contractors, who can provide direct access to enterprise networks. ShinyHunters is very likely relying on members of Scattered Spider and The Com to conduct voice phishing attacks…
-
Hackers Target Facebook Accounts in Latest Phishing Attack
A newly discovered phishing campaign is exploiting Facebook’s external URL warning feature to dupe users into handing over their login credentials. By abusing Facebook’s “You’re about to leave Facebook” redirect mechanism, attackers can conceal malicious URLs behind the social media giant’s official domain and graphic style, making the lure appear bona fide even to cautious…
-
Raccoon O365: Microsoft smashes phishing service
Raccoon O365 offers subscription-based phishing kits for Microsoft accounts. Microsoft counts at least 5,000 compromised accounts in one year. First seen on golem.de Jump to article: www.golem.de/news/raccoon-o365-microsoft-zerschlaegt-phishing-dienst-2509-200213.html
-
Warning: Brute force attacks hitting SonicWall firewall configuration backups
Tags: attack, authentication, backup, breach, cloud, computer, computing, credentials, data, defense, encryption, firewall, Hardware, login, mfa, password, phishing, software, technology, threat
What are brute force attacks?: Brute force attacks use trial and error to crack passwords, login credentials, and encryption keys. They’ve been around since the beginning of the computer age, yet are still effective. Why? In part because people still use easily guessable passwords like ‘1234’, or their company’s name, or default passwords left on…
-
China-linked APT41 targets government, think tanks, and academics tied to US-China trade and policy
China-linked group APT41 impersonated a U.S. lawmaker in phishing attacks on government, think tanks, and academics tied to US-China trade and policy. Proofpoint observed China-linked cyber espionage group APT41 impersonating a U.S. lawmaker in a phishing campaign targeting government, think tanks, and academics tied to U.S.-China trade and policy. APT41, known also as Amoeba, BARIUM,…
-
Microsoft Disrupts ‘RaccoonO365’ Phishing Service
Phishing-as-a-service (PhaaS) kits have become an increasingly popular way for lower-skill individuals to get into cybercrime. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/microsoft-disrupts-raccoono365-phishing-service
-
TA558 Uses AI-Generated Scripts to Deploy Venom RAT in Brazil Hotel Attacks
The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets. Russian cybersecurity vendor Kaspersky is tracking the activity, observed in summer 2025, to a cluster it tracks as RevengeHotels. “The threat actors continue to employ…
-
The Industry’s Passkey Pivot Ignores a Deeper Threat: Device-Level Infections
Passkeys Are Progress, But They’re Not Protection Against Everything: The cybersecurity community is embracing passkeys as a long-overdue replacement for passwords. These cryptographic credentials, bound to a user’s device, eliminate phishing and prevent credential reuse. Major players, like Google, Apple, Microsoft, GitHub, and Okta, have made passkey login widely available across consumer and enterprise services…
-
Microsoft scores win against Office 365 credential thieves
Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366631473/Microsoft-scores-win-against-Office-365-credential-thieves
-
Microsoft disrupts global phishing campaign that led to widespread credential theft
Officials say the operation led to ransomware and BEC attacks on U.S. hospitals and healthcare organizations. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/microsoft-disrupts-global-phishing-credential-theft/760378/
-
FileFix Campaign Using Steganography and Multistage Payloads
FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/filefix-steganography-multistage/
-
Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrastructure used by the RaccoonO365 phishing service (tracked by Microsoft as Storm-2246). Microsoft announced that its Digital Crimes Unit shut down RaccoonO365, seizing 338 sites used to steal…
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, tool
Legal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-and-cloudflare-disrupt-massive-raccoono365-phishing-service/
-
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. “In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well as…
-
North Korean operation uses ChatGPT to forge military IDs as part of cyberattack
The hacking group known as Kimsuky used generative AI to create South Korean military IDs used in a phishing campaign against defense-related institutions, researchers said. First seen on therecord.media Jump to article: therecord.media/north-korea-kimsuky-hackers-phishing-fake-military-ids-chatgpt
-
Microsoft Shuts Down RaccoonO365 Phishing Ring, Seizes 338 Websites
Microsoft’s Digital Crimes Unit dismantled RaccoonO365, a major phishing service that stole thousands of user credentials and targeted US healthcare organisations. Discover how the operation worked and its global impact. First seen on hackread.com Jump to article: hackread.com/microsoft-shuts-down-raccoono365-phishing-seizes-sites/
-
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/17/microsoft-disrupts-raccoono365-phishing/
-
Cloudflare and Microsoft smash RaccoonO365 trojan infrastructure
Cloudflare and Microsoft have apparently succeeded in dismantling the infrastructure of a global phishing empire. The companies were able to seize 338 fake domains linked to the “RaccoonO365” trojan in a coordinated operation. RaccoonO365 is a phishing-as-a-service offering, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/17/cloudflare-und-microsoft-zerschlagen-raccoono365-trojaner-infrastruktur/
-
Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-disrupts-phishing-kit/
-
Microsoft Takes Down 300+ Websites Behind RaccoonO365 Phishing Scheme
Tags: access, control, crime, crimes, cyber, cybercrime, infrastructure, microsoft, phishing, service
Microsoft’s Digital Crimes Unit (DCU) has seized control of 338 websites facilitating RaccoonO365, the rapidly expanding phishing-as-a-service platform that enables anyone to harvest Microsoft 365 credentials. Acting under a court order from the Southern District of New York, the DCU disrupted the operation’s technical infrastructure, denying cybercriminals access to victims and cutting off their revenue…
-
Adtech Abused by Threat Actors to Spread Malicious Advertisements
Malicious advertising campaigns have surged in sophistication, with cybercriminals exploiting and even operating adtech firms to deliver malware, credential stealers and phishing schemes directly through mainstream ad networks. A cluster of interconnected companies, run through shell corporations, hosted on compromised infrastructure, and registered en masse via a notorious registrar, has enabled a prolific threat actor,…

