Microsoft announced it disrupted phishing sites controlled by Russian intelligence used to target Ukrainian institutions, as well as think tanks in the U.S. and Europe.
A marked uptick in activity for Indonesian phishing-as-a-service group SPM55 has researchers at threat intelligence firm DomainTools sounding the alarms.
Russian state-sponsored hacking group Armageddon, also known as Gamaredon, has been identified by the Computer Emergency Response Team of Ukraine to have been launching two separate phishing campaigns targeted at Ukrainian organizations and European Union government agencies, according to BleepingComputer.
At least 27,655 email addresses have been targeted by a phishing campaign spoofing WhatsApp's voice message capability to disseminate information-stealing malware.
Advanced persistent threat groups El Machete, Lyceum, and SideWinder have exploited the ongoing Russian invasion of Ukraine in spearphishing campaigns targeted at organizations across various sectors around the world last month, The Hacker News reports.
More than 100 high-value Mailchimp customers in the cryptocurrency and finance industries had their data exfiltrated as a result of a breach on one of the email marketing firm's internal tools.
Threat actors have recently launched a phishing campaign exploiting the calendar app Calendly in an effort to exfiltrate sensitive account credentials, according to TechRepublic.
Malicious actors have launched phishing attacks exploiting Microsoft Azure's Static Web Apps service to exfiltrate Microsoft, Outlook, Office365, and OneDrive account credentials.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
