Phishing

Recent research by cybersecurity firms Deep Instinct and Group-IB has revealed a new spear-phishing campaign conducted by the Iranian nation-state actor known as MuddyWater. This campaign, which began during the Israel-Hamas war, showcases updated Tactics, Techniques, and Procedures (TTPs) compared to MuddyWater's previous activities. Campaign Details: MuddyWater's spear-phishing emails, dating back to 2020, have utilized [...]

Cyber threats have recently been evolving rapidly, with threat actors continuously adapting their tactics to exploit vulnerabilities. One such threat group that has caught the attention of cybersecurity experts is Storm-0324, also known as TA543 and Sagrid. Microsoft's Threat Intelligence team has been closely monitoring Storm-0324, which has been actively involved in phishing campaigns and [...]

In a recent cybersecurity development, hackers launched a sophisticated phishing campaign that exploited a zero-day vulnerability in Salesforce's email services and SMTP servers. This campaign targeted valuable Facebook accounts by exploiting a flaw known as "PhishForce" to bypass sender verification safeguards in Salesforce and leverage quirks in Facebook's web games platform to mass-send phishing emails. [...]