Email security

Threat actors have been deploying new phishing attacks exploiting Google Looker Studio in a bid to evade security defenses, according to SecurityWeek.

While only 224 users were affected, security pros raised eyebrows because the victims could have been prominent journalists and editors.

Two separate phishing campaigns have been distributing the new variants of the SideTwist and AgentTesla backdoors, according to The Hacker News.

The compromise of a Microsoft engineer’s account was just one of several factors that allowed threat group Storm-0558 to steal a cryptographic signing key and access U.S. government accounts.

Data shows cybercriminals are adopting AI for more attacks attempting to abuse trust and deliver multistage payloads.

Group-IB researchers uncover an underground market that leverage phishing kits to bypass MFA and launch BEC attacks in the United States, Australia, and Europe.

Group-IB researchers say threat group leveraged automation to impersonate 251 unique brands and reaped a total of $64.5 million.