Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

A week in security (January 27 – February 2)

A list of topics we covered in the week of January 27 to February 2 of 2025

Malwarebytes
Open in Source
#google#microsoft#git
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts

Cybersecurity researchers have discovered a malvertising campaign that's targeting Microsoft advertisers with bogus Google ads that aim to take them to phishing pages that are capable of harvesting their credentials. "These malicious ads, appearing on Google Search, are designed to steal the login information of users trying to access Microsoft's advertising platform," Jérôme Segura, senior

AI-Generated Content: How Cybercriminals Are Using It for Phishing Scams

AI-generated content is empowering even novice hackers to elevate phishing attacks, enabling highly personalized and convincing scams targeting…

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

The FBI and authorities in The Netherlands this week seized a number of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan. The proprietors of the service, who use the collective nickname "The Manipulaters," have been the subject of three stories published here since 2015. The FBI said the main clientele are organized crime groups that try to trick victim companies into making payments to a third party.

Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus

The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.

FUNNULL Unmasked: AWS, Azure Abused for Global Cybercrime Operations

Discover how cybercriminals use 'Infrastructure Laundering' to exploit AWS and Azure for scams, phishing, and money laundering. Learn about FUNNULL CDN's tactics and their global impact on businesses and cybersecurity.

Healthcare Sector Charts 2 More Ransomware Attacks

No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen.

Infrastructure Laundering: Blending in with the Cloud

In an effort to blend in and make their malicious traffic tougher to block, hosting firms catering to cybercriminals in China and Russia increasingly are funneling their operations through major U.S. cloud providers. Research published this week on one such outfit -- a sprawling network tied to Chinese organized crime gangs and aptly named "Funnull" -- highlights a persistent whac-a-mole problem facing cloud services.

Microsoft advertisers phished via malicious Google ads

Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft...

Automated Pen Testing Is Improving — Slowly

The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.