Journalists Emerge as Favored Attack Target for APTs
Since 2021, various state-aligned threat groups have turned up their targeting of journalists to siphon data and credentials and also track them.
Large-Scale Phishing Campaign Bypasses MFA
Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skip authentication and then use victim mailboxes to launch BEC attacks against other targets.
‘Callback’ Phishing Campaign Impersonates Security Firms
Victims instructed to make a phone call that will direct them to a link for downloading malware.