Healthcare organizations, banks, educational institutions, and construction firms have been subjected to an ongoing phishing scam that exploits Google Calendar to facilitate clandestine credential compromise, BleepingComputer reports.
Russian state-backed threat group APT29, also known as Midnight Blizzard, BlueBravo, Cozy Bear, and Nobelium, has leveraged red team tools exploiting the Remote Desktop Protocol to facilitate a far-reaching cyberespionage campaign against Ukrainian and European governments, armed forces, researchers, and think tanks beginning in October, reports The Record, a news site by cybersecurity firm Recorded Future.
Attacks involved impersonation of a user's client through a call on Microsoft Teams that successfully lured targets into downloading AnyDesk following the failed installation of the Microsoft Remote Support app, a report from Trend Micro revealed.
Attacks involved the addition of a BeMob URL to the ad management system of the Monetag website monetization platform, also known as Omnatuor or Vane Viper, in an effort to enable TDS redirection to fake CAPTCHA pages hosted on various legitimate services, according to a Guardio Labs report.
More than 300 SMTP servers have been leveraged by yet-to-be-identified threat actors to facilitate the automated distribution of phishing emails purporting to be business proposals, contracts, or promotional materials from widely known brands, according to an analysis from CloudSEK.
This week, in the enterprise security news, NOTE: We didn't get to 2, 3, 5, or 7 due to some technical difficulties and time constraints, but we'll hit them next week! The show notes have been updated to reflect what we actually discussed this week: https://www.scworld.com/podcast-segment/13370-enterprise-security-weekly-387. Snowflake takes securi...