Area 1 Security recently stopped a sophisticated Microsoft Office 365 credential harvesting campaign targeting C-suite executives, high-level assistants, and financial departments across numerous industries, including financial services, insurance, and retail. Further research and analysis of the activity revealed a much larger operation than originally discovered. This included several additional directly-related credential phishing campaigns that targeted the same industries and positions using sophisticated techniques and advanced phishing kits, to bypass Microsoft’s native email defenses and email authentication.
Argyle Independent School District is located in Argyle, Texas was looking to implement an emergency communications system across the district for everyday alerts, as well as emergencies, threats or weather events.
Mimecast released an incident response report on their internal investigation of the SolarWinds supply chain attack. The investigation was supported by third-party forensics and cyber incident response experts at Mandiant, a division of FireEye, and in coordination with law enforcement to aid their investigation into this threat actor.
The FBI’s Internet Crime Complaint Center has released its annual report. The 2020 Internet Crime Report includes information from 791,790 complaints of suspected internet crime—an increase of more than 300,000 complaints from 2019—and reported losses exceeding $4.2 billion. State-specific statistics have also been released and can be found within the 2020 Internet Crime Report and in the accompanying 2020 State Reports.
Veeam Data Protection Report 2021 finds that COVID-19 has significantly impacted Digital Transformation (DX) spending, with 40% of global organizations viewing economic uncertainty as the greatest barrier to DX in the next 12 months and one-third having slowed or halted initiatives in the past year
March 18, 2021
Data protection challenges are undermining organizations’ ability to execute Digital Transformation (DX) initiatives globally, according to the Veeam Data Protection Report 2021, which has found that 58% of backups fail leaving data unprotected. The report revealed that against the backdrop of COVID-19 and ensuing economic uncertainty, which 40% of CXOs cite as the biggest threat to their organization’s DX in the next 12 months, inadequate data protection and the challenges to business continuity posed by the pandemic are hindering organizations’ initiatives to transform.
Amanda Fennell, Chief Security Officer (CSO) at global legal and compliance technology company Relativity, has decided to bring her experience to audio in a new podcast called Security Sandbox.
Google has released an update for its Chrome web browser that fixes five security flaws, including a zero-day vulnerability known to be exploited by malicious actors. The bugs affect Windows, macOS and Linux versions of the browser.
Vectra AI released its global survey of 1,112 security professionals working in mid to large sized organizations using Microsoft Office 365. The results confirm that the COVID-19 pandemic has accelerated cloud migration and digital transformation amongst 88% of companies and that 71% of Microsoft Office 365 deployments have suffered an account takeover of a legitimate user’s account, not once, but on average seven times in the last year.
HP threat intel team reveals rising web browser exploits, RAT-infested delivery alerts, DOSfuscation and other hacker activity
March 17, 2021
HP Inc. released its new Quarterly Threat Insights Report, providing analysis of real-world attacks against customers worldwide. The report found that 29% of malware captured was previously unknown* – due to the widespread use of packers and obfuscation techniques by attackers seeking to evade detection. 88% of malware was delivered by email into users’ inboxes, in many cases having bypassed gateway filters. It took 8.8 days, on average, for threats to become known by hash to antivirus engines – giving hackers over a week’s ‘head-start’ to further their campaigns.