phishing attacks

Phishing-as-a-Service is evolving faster than ever—a fact underscored by a recent Barracuda report revealing over one million phishing attacks in just two months. For Windows users, this trend is a sharp reminder of why cybersecurity vigilance is more important now than at any other time. A New...

Phishing-as-a-Service Evolves: A Wake-Up Call for Windows and Microsoft 365 Users A recent report from Barracuda Networks reveals an alarming surge in Phishing-as-a-Service (PhaaS) attacks in early 2025. In the span of just the first two months, over one million phishing attempts were thwarted...

A recent research report—cited by Computing as highlighting a “massive spike” in phishing-as-a-service (PhaaS) attacks in 2025—paints a stark picture of the evolving cybersecurity landscape. Although the original Computing article page may be unavailable, the implications are clear...

In today's rapidly evolving cybersecurity landscape, Microsoft 365 environments are facing a new breed of sophisticated attacks that exploit one of the most trusted authentication methods—OAuth. Recent investigations have revealed that threat actors are leveraging fake OAuth applications...

In today’s threat landscape, Windows users and Microsoft 365 administrators face increasingly sophisticated tactics from cybercriminals, who are now exploiting trusted workflows to compromise sensitive organizational data. Recent findings reveal that malicious actors are spoofing popular work...

In a twist straight out of a cyber espionage thriller, threat actors—potentially linked to Russian interests—have been abusing Microsoft’s device code authentication flow to hijack Microsoft 365 accounts. This sophisticated phishing campaign, tracked by Microsoft’s threat intelligence team as...

A clever new breed of phishing scam is on the rise and it's catching even the savviest users off guard. Researchers have uncovered a sustained campaign where Russian spies are using a technique known as "device code phishing" to gain unauthorized access to Microsoft 365 accounts. Windows users...

On November 12, 2024, Microsoft published critical information concerning a newly identified vulnerability in Microsoft Exchange Server, designated as CVE-2024-49040. This specific vulnerability poses a significant risk of spoofing attacks which could allow malicious actors to impersonate both...

In the ever-evolving landscape of cybersecurity, one method of attack has been capturing headlines and drawing alarm bells for security professionals: QR code phishing. In a striking report, Microsoft has announced significant advancements in its Defender for Office 365 to combat this...

Severity Rating: Revision Note: V2.0 (February 11, 2014): Revised advisory to announce that the 2862973 update for all affected releases of Microsoft Windows is now offered through automatic updating. Customers who previously applied the 2862973 update do not need to take any action. Summary...