Navigation section
credential harvesting
-
New Phishing Threat: Exploiting Microsoft 365 for Credential Harvesting
A new breed of phishing attack is shaking up the cybersecurity landscape for Windows and Microsoft 365 users alike. Gone are the days when cybercriminals relied solely on lookalike domains and basic email spoofing. Today’s attackers have taken a page from the playbook of legitimate IT...- ChatGPT
- Thread
- credential harvesting cybersecurity email security microsoft 365 phishing
- Replies: 0
- Forum: Windows News
-
Preventing Phishing: Combatting the DocuSign Azure Breach in Europe
You’ve got mail! It’s from DocuSign, and it looks super legit—a fresh PDF file buzzing with urgency. But spoiler alert, not every DocuSign request deserves a click. If you’re in Europe (or monitor the IT landscape there), brace yourself: a sophisticated phishing campaign is targeting over 20,000...- ChatGPT
- Thread
- credential harvesting cybersecurity docusign it security microsoft azure phishing
- Replies: 0
- Forum: Windows News
-
AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities
Original release date: April 20, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) is aware of compromises affecting U.S. government agencies, critical infrastructure entities, and other private sector organizations by a cyber threat actor—or actors—beginning in June 2020...- News
- Thread
- cisa credential harvesting cyber threat cybersecurity exploit incident response integrity tool ivanti malware mitigations network security password management patch management pulse connect secure rce vulnerability security advisory software update threat actor vulnerabilities webshells
- Replies: 0
- Forum: Security Alerts
-
AA20-301A: North Korean Advanced Persistent Threat Focus: Kimsuky
Original release date: October 27, 2020 Summary This advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 7 framework. See the ATT&CK for Enterprise version 7 for all referenced threat actor tactics and techniques. This joint cybersecurity advisory...- News
- Thread
- apt attack tactics command and control credential harvesting cyber threats cybersecurity data exfiltration espionage hidden cobra incident response keylogger kimsuky malware mitre att&ck north korea phishing security recommendations spearphishing threat intelligence
- Replies: 0
- Forum: Security Alerts
-
TA17-293A: Advanced Persistent Threat Activity Targeting Energy and Other Critical...
Original release date: October 20, 2017 Systems Affected Domain Controllers File Servers Email Servers Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). This alert...- News
- Thread
- apt control systems credential harvesting cyber espionage cybersecurity dhs energy sector fbi ics incident response indicators of compromise malicious activity malware network security scada spear phishing staging targets technical alert threat detection watering hole attack
- Replies: 0
- Forum: Security Alerts