Tag: phishing
-
FileFix Campaign Using Steganography and Multistage Payloads
FileFix campaign hides PowerShell script and encrypted EXEs in JPGs via multilingual phishing. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/filefix-steganography-multistage/
-
Microsoft and Cloudflare teamed up to dismantle the RaccoonO365 phishing service
Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrastructure used by the RaccoonO365 phishing service (tracked by Microsoft as Storm-2246). Microsoft announced that its Digital Crimes Unit shut down RaccoonO365, seizing 338 sites used to steal…
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, tool
Legal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-and-cloudflare-disrupt-massive-raccoono365-phishing-service/
-
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. “In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well as…
-
North Korean operation uses ChatGPT to forge military IDs as part of cyberattack
The hacking group known as Kimsuky used generative AI to create South Korean military IDs used in a phishing campaign against defense-related institutions, researchers said. First seen on therecord.media Jump to article: therecord.media/north-korea-kimsuky-hackers-phishing-fake-military-ids-chatgpt
-
Microsoft Shuts Down RaccoonO365 Phishing Ring, Seizes 338 Websites
Microsoft’s Digital Crimes Unit dismantled RaccoonO365, a major phishing service that stole thousands of user credentials and targeted US healthcare organisations. Discover how the operation worked and its global impact. First seen on hackread.com Jump to article: hackread.com/microsoft-shuts-down-raccoono365-phishing-seizes-sites/
-
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader
Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/17/microsoft-disrupts-raccoono365-phishing/
-
Cloudflare and Microsoft dismantle RaccoonO365 trojan infrastructure
Cloudflare and Microsoft have apparently succeeded in dismantling the infrastructure of a global phishing empire. In a coordinated action, the companies were able to seize 338 fake domains linked to the “RaccoonO365” trojan. RaccoonO365 is a phishing-as-a-service offering, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/17/cloudflare-und-microsoft-zerschlagen-raccoono365-trojaner-infrastruktur/
-
Microsoft Disrupts RaccoonO365 Phishing Kit, Seizes 338 Malicious Sites
Microsoft revealed it has seized 338 websites associated with RaccoonO365, a phishing kit which has stolen at least 5000 Microsoft credentials worldwide. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-disrupts-phishing-kit/
-
Microsoft Takes Down 300+ Websites Behind RaccoonO365 Phishing Scheme
Tags: access, control, crime, crimes, cyber, cybercrime, infrastructure, microsoft, phishing, service
Microsoft’s Digital Crimes Unit (DCU) has seized control of 338 websites facilitating RaccoonO365, the rapidly expanding phishing-as-a-service platform that enables anyone to harvest Microsoft 365 credentials. Acting under a court order from the Southern District of New York, the DCU disrupted the operation’s technical infrastructure, denying cybercriminals access to victims and cutting off their revenue…
-
Adtech Abused by Threat Actors to Spread Malicious Advertisements
Malicious advertising campaigns have surged in sophistication, with cybercriminals exploiting and even operating adtech firms to deliver malware, credential stealers and phishing schemes directly through mainstream ad networks. A cluster of interconnected companies, run through shell corporations, hosted on compromised infrastructure, and registered en masse via a notorious registrar, has enabled a prolific threat actor,…
-
Despite safety filters: AI chatbots are alarmingly good accomplices for phishing fraud
First seen on t3n.de Jump to article: t3n.de/news/studie-ki-chatbots-helfer-fuer-phishing-betrug-1707713/
-
RaccoonO365 Phishing Network Dismantled as Microsoft, Cloudflare Take Down 338 Domains
Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (PhaaS) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern District…
-
RaccoonO365 Phishing Network Shut Down After Microsoft and Cloudflare Disrupt 338 Domains
Microsoft’s Digital Crimes Unit said it teamed up with Cloudflare to coordinate the seizure of 338 domains used by RaccoonO365, a financially motivated threat group that was behind a phishing-as-a-service (PhaaS) toolkit used to steal more than 5,000 Microsoft 365 credentials from 94 countries since July 2024. “Using a court order granted by the Southern District…
-
Microsoft seizes hundreds of phishing sites tied to massive credential theft operation
The company acted on a court order and collaborated with Cloudflare to seize RaccoonO365’s infrastructure, which was used to steal credentials from organizations in 94 countries. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-seizes-phishing-sites-raccoono365/
-
Microsoft blocks bait for ‘fastest-growing’ 365 phish kit, seizes 338 domains
Redmond names alleged ringleader, claims 5K+ creds stolen and $100k pocketed. First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/microsoft_cloudflare_shut_down_raccoono365/
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threat
More than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise. Researchers at Israel-based Ox Security said there was a…
-
Ongoing FileFix Attack Installs StealC Infostealer Via Fake Facebook Pages
Researchers spot FileFix phishing sites that deliver StealC Infostealer through fake Facebook warnings and hidden payloads in images. First seen on hackread.com Jump to article: hackread.com/filefix-attack-stealc-infostealer-fake-facebook-pages/
-
Innovative FileFix Phishing Attack Proves Plenty Potent
Highly deceptive FileFix uses code obfuscation and steganography and has been translated into at least 16 languages to power a global campaign. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/innovative-filefix-attack-potent
-
DigiCert Acquires Valimail to Add Email Authentication Service
DigiCert acquires Valimail to strengthen email authentication with DMARC and content protection, to fight phishing and AI-driven threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/digicert-acquires-valimail-to-add-email-authentication-service/
-
North Korean Hackers Weaponize ChatGPT in AI-Driven Phishing Attack
North Korea’s Kimsuky hackers used ChatGPT to forge government IDs in a phishing attack, marking a new era of AI-powered cyber warfare. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/north-korean-hackers-weaponize-chatgpt-in-ai-driven-phishing-attack/
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
Tax Refund-Themed Phishing Slows in 2025
Reports of email phishing attempts impersonating the UK’s HM Revenue & Customs plummeted in the first half of 2025. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-tax-refund-phishing-slows/
-
Largest supply-chain attack in the history of npm
Security researchers at Check Point Software Technologies analyze the large npm theft: On 8 September 2025, the JavaScript ecosystem experienced the largest supply-chain attack in the history of npm. A targeted phishing campaign compromised the account of a well-known maintainer. The attackers subsequently injected malware with crypto-stealer functionality into more than 18 core npm packages. These…

