The U.S. has been experiencing a new wave of phishing attacks leveraging COVID-19-themed lures targeted at small businesses following a hiatus in the summer, BleepingComputer reports.
Nearly 1,800 users around the world have been impacted by an ongoing Qbot malware campaign between September 28 and October 7, more than 800 of which are in corporate settings, reports SecurityWeek.
SiliconAngle reports that private equity company Vista Equity Partners is set to purchase cybersecurity training software provider KnowBe4 in a $4.6 billion deal, with the acquisition expected to be finalized in the first quarter of 2023.
This week’s healthcare data breach roundup includes a number of email and vendor-related incidents, led by 13 new filings from anesthesia practices with HHS over a “data security incident.”
Threat actors could leverage the new Caffeine phishing-as-a-service platform to easily launch phishing attacks, with the service observed by Mandiant to have been used in a large-scale Microsoft 365 phishing attack against one of its clients, BleepingComputer reports.
BleepingComputer reports that IcedID malware operators have been leveraging slightly different infection pathways, as well as command-and-control server IPs in various phishing campaigns last month.
Despite only emerging in March 2021 in the BazarCall campaign that leveraged phishing emails purporting to be from various subscriptions in an effort to distribute the BazarLoader malware, callback phishing attacks have since become a formidable cybersecurity threat.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
