Hacked email accounts have been used by threat actors to facilitate a phishing campaign that involves the use of Autodesk Drive-hosted PDF documents to compromise Microsoft account credentials, SecurityWeek reports.
U.S. political action committee Lincoln Project, which was formed in 2019 to counter former President Donald Trump's re-election bid, has been impacted by a business email compromise attack in February that resulted in the exfiltration of $35,000, reports The Record, a news site by cybersecurity firm Recorded Future.
BlackBerry researchers disclosed that a major U.S.-based multinational automaker had been targeted by the FIN7 hacking group in a spear-phishing attack late last year that sought to facilitate systems compromise with the Anunak malware, BleepingComputer reports.
The Cybersecurity and Infrastructure Security Agency has called for immediate authentication credential resets across all federal agencies that had their emails with Microsoft containing sensitive data compromised in an attack by Russian state-sponsored threat operation Midnight Blizzard, also known as APT29 and Cozy Bear, according to CyberScoop.
CyberScoop reports that Chinese advanced persistent threat group Storm-0558's compromise of email accounts belonging to Commerce Secretary Gina Raimondo and other high-level officials was blamed by the Cyber Safety Review Board on Microsoft's inadequate enterprise security and risk management efforts.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
