Email security

Microsoft 365 and Gmail accounts have been increasingly targeted with attacks leveraging the new Tycoon 2FA phishing-as-a-service kit.

Attacks commenced with the delivery of malicious emails with PDF attachments linking to file-sharing site-hosted documents, which when opened fetches an MSI installer-containing ZIP archive that prompts Atera Agent installation.

Security pros say StrelaStealer uses control flow obfuscation — a technique that lets the threat actor better evade detection and reverse engineering.

More than 100 organizations in the U.S. and Europe have been subjected to a far-reaching StrelaStealer malware attack campaign aimed at exfiltrating email account credentials that peaked from late January to early February, BleepingComputer reports.

Digital document publishing sites have been exploited by threat actors to facilitate new phishing attacks that better bypass email security controls.

Intrusions commence with the delivery of salary-themed phishing emails with a Microsoft Word attachment.

The newly discovered China-linked APT group abused trust between governments.