For years, companies drilled one thing into employees’ heads: don’t trust weird emails. Problem is, attackers adapted. Instead of fighting against people’s skepticism around email, they moved to platforms employees already trust without thinking twice about it. One of the biggest targets right now is Microsoft Teams
A threat group called KongTuke has been using Teams chats to get inside corporate networks, and honestly, it’s working disturbingly well. Instead of blasting out phishing emails, they pose as internal IT staff and message employees directly through Teams. Sometimes they’re operating from already-compromised Microsoft 365 accounts. Other times they create fake accounts designed to look close enough to pass a quick glance. Either way, the attack can go from first contact to compromised system in just a few minutes. [Read more…]
A sinister campaign known as ShadowCaptcha is using over 100 compromised WordPress sites as unwitting hosts, redirecting visitors to fake CAPTCHA pages. These deceptive pages trigger malware delivery ranging from credential stealers to ransomware and cryptocurrency miners.
Hackers posing as IT support are targeting employees at large companies to sneak into their Salesforce systems and steal data. They start with a phone call, pretending to help with a routine issue. The real goal? To get the employee to connect to a fake version of Salesforce’s Data Loader tool. Once that happens, the attackers can quietly grab sensitive company data.