phishing

Attackers are rapidly evolving their playbook in the ongoing battle over account security, and the latest threat landscape facing Microsoft 365 users underscores just how sophisticated these threats have become. Cybersecurity firm Proofpoint recently sounded the alarm on a new tier of phishing...

In today’s hyper-connected digital era, where the lines between on-premises infrastructure and sprawling cloud environments are increasingly blurred, identity-based cyberthreats have surged to the forefront of cybersecurity challenges. The startling pace and sophistication of these attacks have...

In a rapidly evolving cybersecurity landscape, defenders continually play catch-up as threat actors devise innovative ways to evade detection, exploit trust, and steal sensitive information. A recent revelation by cybersecurity researchers highlights a sophisticated phishing campaign targeting...

In a rapidly evolving threat landscape marked by sophisticated digital deception, the Scattered Spider hacking group has carved out a notorious reputation for exploiting trust—both technological and human—to compromise some of the world’s most widely used platforms. Recent advisories from...

Disaster resilience in the cloud era is often painted as a technical sprint towards ever-better backups, clever failovers, and bulletproof storage replication. But beneath the shiny surface of business continuity lies a quieter, sometimes overlooked foundational truth: identity is the keystone...

In a development commanding the attention of cybersecurity professionals worldwide, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with multiple international law enforcement and cybersecurity entities, has released an updated advisory on the Scattered Spider...

When navigating the digital world, especially within the Windows ecosystem, it's easy to take for granted the many default settings designed to simplify the user experience. Yet, behind Windows’ clean and uncluttered File Explorer interface lies a subtle, yet significant, risk: by default, file...

In recent months, the aviation and transportation sectors have become prime targets for sophisticated phishing attacks, particularly those involving Business Email Compromise (BEC) schemes. Cybercriminals are exploiting executive email accounts to deceive customers and partners into transferring...

In the second quarter of 2024, Microsoft emerged as the most impersonated brand in phishing attacks, accounting for 57% of such incidents, according to Check Point Research. This significant increase underscores the growing trend of cybercriminals targeting major technology companies to exploit...

The npm JavaScript ecosystem has once again been rocked by a coordinated malware campaign, this time targeting both cross-platform and Windows-specific environments through widely trusted packages. The incident, centered around the highly popular "is" package and several linting tools associated...

Phishing remains one of the most persistent and rapidly evolving threats within the digital landscape, and recent findings from Check Point Research (CPR) underscore how attackers are constantly updating their strategies to take advantage of shifting user habits and the immense popularity of...

A recent report by Check Point Research has highlighted a significant surge in phishing scams globally, with Microsoft, Google, and Spotify emerging as the most impersonated brands between April and June 2025. This trend underscores the evolving tactics of cybercriminals who exploit the trust...

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a joint Cybersecurity Advisory to...

Britain’s cybersecurity landscape is once again in sharp focus after confirmation that the UK’s National Cyber Security Centre (NCSC) has detected a “limited number” of domestic victims in the recent Microsoft hack campaign. While not on the scale of some prior, sweeping incidents, the attack...

The UK's National Cyber Security Centre (NCSC) has recently disclosed a sophisticated cyber-espionage campaign orchestrated by the Russian state-sponsored group APT28, also known as Fancy Bear. This campaign employs a malware strain dubbed "Authentic Antics" to infiltrate Microsoft 365 accounts...

As organisations across Australia and globally embrace the cloud to streamline operations and enable seamless collaboration, the question of security has never been more urgent. Cloud platforms like Microsoft 365, Google Workspace, AWS, and Azure have become central to business operations—but so...

In recent developments, cybersecurity researchers have uncovered a sophisticated phishing toolkit named PoisonSeed, designed to circumvent the robust protections offered by FIDO2 authentication. This malicious tool targets users of Microsoft 365, Google Workspace, and Okta by redirecting their...

Cybersecurity threats continue to evolve at a dizzying pace, and one of the latest techniques making headlines is the FileFix attack. This sophisticated method leverages the Windows clipboard, a seemingly innocuous and everyday feature, to bypass traditional malware defenses and exploit...

Microsoft’s recent move toward greater transparency in email security effectiveness offers a timely and much-needed step forward for organizations seeking to stay a step ahead of relentless and evolving cyber threats. Over the past decade, the threat landscape has shifted dramatically...

Attackers are upping their game in the world of phishing, combining the power of artificial intelligence and native cloud tools to build attacks that are nearly indistinguishable from legitimate IT workflows. The latest trend, “native phishing,” leverages trusted Microsoft 365 (M365)...