Office 365 Phishing Campaign Abuses Stolen Amazon SES Token

By Lisa Vaas
threatpost.com
 7 days ago

Cover picture for the articleStolen access token leveraged in phishing campaign that spoofs brand name email addresses. A surge in spearphishing emails designed to steal Office 365 credentials include some that were rigged to look like they came from major brands, including Kaspersky. According to a Kaspersky security bulletin posted Monday, two phishing...

The Verge

Robinhood says a hacker who tried to extort the company got access to data for 7 million customers

Trading platform Robinhood said Monday that personal information for more than 7 million customers was accessed during a data breach on November 3rd. The company said in a news release that it does not appear that Social Security numbers, bank account numbers, or debit card numbers were exposed, and no customers have had “financial loss” due to the incident.
PUBLIC SAFETY
TechRepublic

Voice phishing attack spoofs Amazon to steal credit card information

Impersonating an Amazon order notification, the attackers end up calling victims to try to obtain their credit card details, says Avanan. As the holidays approach, cybercriminals will be pulling the usual stunts to take advantage of the season. That means we can expect scams that exploit retailers such as Amazon. A recent campaign spotted by email security provider Avanan spoofs Amazon with both a traditional phishing message and a voice call to try to steal credit card information.
PUBLIC SAFETY
Digital Trends

Amazon is having a FLASH SALE on Microsoft Office today

Microsoft Office: You know it, you use it, you need it. The world’s most ubiquitous software for getting stuff done is available at a discounted price during this Flash Sale going on at Amazon today. Some of the best Black Friday deals are already kicking off, and as expected Amazon is leading the retail industry with major markdowns happening now. Right now, you can get a 12-month subscription to Microsoft 365 Personal for $59, a one-time download of Microsoft Office Home and Student for just $125, or the deluxe Microsoft Office Home and Business 2021 for $220. Whether you’re using Word to write your novel, Excel to track your small business earnings, or Teams and Outlook to manage your employees, the Microsoft Office suite of programs is essential to everything you want to do. Check out these Amazon Black Friday deals for more savings on the tech you need.
COMPUTERS
#Phishing Attacks#Business Email Compromise#Ses#Mircboot#Amazon Web Services
FOX59

Users of investing app Robinhood become victims of a data breach

NEW YORK (AP) — Popular investing app Robinhood said Monday that it suffered a security breach last week where hackers accessed some personal information for roughly 7 million users and demanded a ransom payment. The online trading platform said that it believes no Social Security numbers, bank account numbers or debit-card numbers were exposed and […]
PUBLIC SAFETY
Dark Reading

Phishing Attack Blends Spoofed Amazon Order and Fraudulent Customer Service Agents

A new multistage phishing campaign spoofs Amazon's order notification page and includes a phony customer service voice number where the attackers request the victim's credit card details to correct the errant "order." The campaign, highlighted in new research from Avanan on Thursday, underscores how phishing attacks are growing in sophistication...
PUBLIC SAFETY
Tom's Hardware

Phishing for Crypto: Half a Million Dollars Stolen Via Google Ads Exploit

Cyber threat analysis firm Check point Research (CPR) has issued an alert regarding a recent phishing campaign mainly targeting Phantom and Metamask users. The threat makes use of Google Ads to bump fake websites in search results, meant to prompt users to provide their keys or make new wallets on behalf of bad actors. It's currently estimated that half a million dollars have been diverted from their legitimate users' wallets. Due to the nature of the attack being carried out during the (supposed) wallet creation process, new entrants to the crypto space are likely to be the most heavily affected.
PUBLIC SAFETY
threatpost.com

Squid Game Crypto Scammers Rips Off Investors for Millions

Anti-dumping code kept investors from selling SQUID while fraudsters cashed out. Players in the Squid Game cryptocurrency market have been eliminated — at least their investment has — by what cryptocurrency watchers have called a classic “rug-pull” scam. When SQUID tokens were first released last week, they were valued at...
GAMBLING
threatpost.com

Google Ads for Faux Cryptowallets Net Scammers At Least $500K

Malicious Phantom, MetaMask cryptowallets are on the prowl to drain victim funds. Crypto-thieves are buying Google Ads to target victims with fake wallets, which steal credentials and drain balances. So far, it looks like the cybercrooks have made off with more than $500,000 and counting. The ads serve links to...
PUBLIC SAFETY
threatpost.com

Proofpoint Phish Harvests Microsoft O365, Google Logins

A savvy campaign impersonating the cybersecurity company skated past Microsoft email security. Phishers are impersonating Proofpoint, the cybersecurity firm, in an attempt to make off with victims’ Microsoft Office 365 and Google email credentials. According to researchers at Armorblox, they spotted one such campaign lobbed at an unnamed global communications...
TECHNOLOGY
threatpost.com

‘Tortilla’ Wraps Exchange Servers in ProxyShell Attacks

The Microsoft Exchange ProxyShell vulnerabilities are being exploited yet again for ransomware, this time with Babuk from the new “Tortilla” threat actor. A new-ish threat actor sometimes known as “Tortilla” is launching a fresh round of ProxyShell attacks on Microsoft Exchange servers, this time with the aim of inflicting vulnerable servers with variants of the Babuk ransomware.
SOFTWARE
threatpost.com

Free Discord Nitro Offer Used to Steal Steam Credentials

A fake Steam pop-up prompts users to ‘link’ Discord account for free Nitro subs. There’s a new scam making the rounds on Discord, through which cybercriminals can harvest Steam account information and make off with any value it contains. Gamer-aimed Discord scams are just about everywhere. But researchers flagged a...
TECHNOLOGY
threatpost.com

Zoho Password Manager Flaw Torched by Godzilla Webshell

Researchers have spotted a second, worldwide campaign exploiting the Zoho zero-day: one that’s breached defense, energy and healthcare organizations. A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far (technology, defense, healthcare, energy and education), deploying the Godzilla webshell and exfiltrating data.
COMPUTERS
threatpost.com

Zebra2104 Initial Access Broker Supports Rival Malware Gangs, APTs

Researchers have uncovered a large, tangled web of infrastructure being used to enable a wide variety of cyberattacks. Three separate threat groups are all using a common initial access broker (IAB) to enable their cyberattacks, according to researchers – a finding that has revealed a tangled web of related attack infrastructure underpinning disparate (and in some cases rival) malware campaigns.
TECHNOLOGY
threatpost.com

DDoS Attacks Shatter Records in Q3, Report Finds

Q3 DDoS attacks topped thousands daily, with more growth expected. The third quarter saw the sheer volume of distributed denial-of-service (DDoS) attacks surge to several thousand hits per day, signaling a re-distribution of tactics by malicious actors away from cryptomining and toward the use of DDoS as a tool of intimidation, disinformation and straight-up extortion.
TECHNOLOGY
The Independent

7 best VPN services for streaming securely in 2021

A VPN, or a virtual private network, is a little tool that masks your internet identity inside a virtual tunnel, hiding your IP address from your internet service provider, websites and other prying eyes. When you use one, an encrypted connection is established between your device and a server somewhere in the world, tricking everyone into thinking you’re browsing from a different location.The use of VPNs has been growing astronomically over the past few years, especially with employees moving to a hybridised remote working environment.As Rick McElroy, principal cybersecurity specialist at cloud computing company VMware explains, VPNs are a...
TECHNOLOGY
techstartups.com

Robinhood hacked: 5 million users’ data stolen after a hacker used social engineering to trick a customer support employee

Robinhood, the controversial commission-free stock trading app that blocked Reddit Army from trading Gamestop and AMC stocks back in April, has been hacked. In a blog post, Robinhood admitted that the fintech company suffered a “data security incident” on November 3rd after a customer support employee was socially-engineered. According to...
PUBLIC SAFETY

