Phishing Attacks target Microsoft 365 | At Neuways, we understand that cyber threats evolve rapidly, and staying ahead of attackers is critical for businesses relying on Microsoft 365. A recent discovery by cyber security researchers revealed a new and dangerous phishing-as-a-service (PhaaS) scheme called Sneaky Log, which poses a significant threat to organisations using Microsoft … Read more
A new Adversary-in-the-Middle (AiTM) phishing kit targeting Microsoft 365 accounts has the ability to intercept both user credentials and two-factor authentication (2FA), ultimately bypassing anti-phishing defenses such as email and secure web gateways. In a Jan. 16 blog post, Sekoia researchers said these phishing pages have been circulating since at least October 2024 and have … Read more
Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes … Read more
Jan 04, 2025Ravie LakshmananMalware / VPN Security Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional overlaps with a known remote administration tool referred to … Read more
Corrupted Microsoft Office documents and archive files have been used to evade detection in a recent phishing campaign, according to ANY.RUN. The files are intentionally corrupted to prevent scanning by email filters and antivirus software, and to prevent them from launching properly in sandbox environments, according to ANY.RUN. However, the files can still be recovered … Read more
