Such a disclosure from iLearningEngines, which comes months after questions regarding the legitimacy of its revenue figures surfaced, also follows a string of business email compromise attacks resulting in the theft of millions of dollars in recent months.
While email correspondences between the Congressional Research Service and other Library staff and certain congressional offices between January and September had been compromised, such an intrusion — which was initially reported by NBC News — did not affect the House and Senate's IT networks and respective email accounts.
While SVG primarily enables the crafting of images using text, lines, and shapes in code rather than pixels, such files could also be utilized to show HTML and facilitate JavaScript execution in credential-stealing phishing forms.
Malicious emails purporting to be invoices that contain ZIP attachments have been delivered to facilitate the execution of a WebDAV-retrieved DLL that loads the updated Strela Stealer variant.
The U.S. Department of Justice announced that Nigerian hacker Kolade Akinwale Ojelade has been sentenced to more than 26 years imprisonment for his involvement in a massive phishing scam against real estate businesses that resulted in the theft of $12 million.
Any form of MFA is better than passwords alone, but organizations must implement modern, phishing-resistant forms of MFA to truly improve their security postures.
