Hacker lasciano in piena vista le credenziali di rubate attraverso una campagna di phishing.

Dal noto blog di Checkpoint

Cyber-crime is a complex landscape, but when it comes to actually launching cyber-attacks, there are three main techniques that criminals have relied on for decades to help them get around organizations’ defenses and into their networks:  phishing, credentials theft and business email compromise.  According to Verizon’s Data Breach Investigation Report, these ‘big three’ are the cause over two-thirds (67%) of all successful data breaches globally.

Check Point Research recently joined forces with Otorio to analyze and take a deep dive into a large scale phishing campaign that targeted thousands of global organizations, revealing the campaign’s overall infection chain, infrastructure and how the emails were distributed.

In August, attackers initiated a phishing campaign with emails that masqueraded as Xerox scan notifications, prompting users to open a malicious HTML attachment. While this infection chain may sound simple, it successfully bypassed Microsoft Office 365 Advanced Threat Protection (ATP) filtering and stole over a thousand corporate employees’ credentials.

https://blog.checkpoint.com/2021/01/21/cyber-criminals-leave-stolen-phishing-credentials-in-plain-sight/

 

I commenti sono chiusi