Rockstar 2FA: The New Phishing Toolkit Bypassing Microsoft 365 Security
A sophisticated phishing toolkit called Rockstar 2FA is enabling cybercriminals to bypass Microsoft 365's multi-factor authentication through adversary-in-the-middle attacks. Available for just $200, this accessible platform provides advanced features like cookie harvesting and customizable login pages that pose a significant threat to organizations.
Microsoft Takes Down Global Phishing Network in Major Cybersecurity Operation
Microsoft's Digital Crimes Unit has dismantled a sophisticated Egyptian-run phishing operation that sold criminal toolkits targeting financial institutions. The takedown of over 240 websites comes as Microsoft reports a 146% increase in advanced phishing attacks, highlighting escalating efforts to combat cybercrime.
Malicious GitHub Commits Target Security Researcher in Identity Fraud Attack
Multiple open-source projects on GitHub were compromised by unauthorized code commits falsely attributed to security researcher Stephen Lacy. The attack exploited commit verification weaknesses to damage the researcher's reputation, prompting GitHub to investigate and the community to implement stricter authentication measures.
T-Mobile Hit by Data Breach in Latest Attack on Telecom Giants
T-Mobile confirms unauthorized access to its systems in a recent cybersecurity incident, marking the latest in a series of attacks targeting major telecommunications providers. The company is working with security experts and law enforcement while advising customers to change passwords and enable two-factor authentication.
Massive Data Breach at Set Forth Exposes 1.5 Million Customers' Personal Information
Set Forth, a major American debt services firm, suffered a significant data breach compromising sensitive data of 1.5 million customers and their families. The company discovered unauthorized system access in May 2024, leading to the theft of personal information including social security numbers.
Major Cyberattack Paralyzes Payment Systems Across Israel
A widespread cyberattack disrupted payment processing networks throughout Israel, forcing businesses to halt card transactions and accept only cash. The incident exposed vulnerabilities in critical payment infrastructure while cybersecurity teams worked to restore services and implement additional protections.
The Hidden Danger of Useless Security Controls: Wasting Resources and Undermining Cybersecurity
Many organizations implement ineffective security measures that waste resources and potentially make systems less secure. Learn how to identify and eliminate these useless controls to focus on genuine cybersecurity challenges.
57 Million Hot Topic Customers Alerted to Data Breach by Have I Been Pwned
Have I Been Pwned notifies 57 million individuals of a major data breach at Hot Topic, a popular retail chain. Affected customers are urged to take immediate action to protect their personal information.
Critical Flaw in Microsoft Bookings Exposes Users to Account Hijacking and Impersonation
A severe vulnerability in Microsoft Bookings allows unauthorized access and key personnel impersonation, raising cybersecurity concerns. Users are advised to implement additional security measures while Microsoft works on a fix.
Stealthy New Remcos RAT Variant Evades Detection with Fileless Techniques
Security researchers uncover a sophisticated new version of the Remcos remote access trojan using advanced evasion methods. This fileless malware variant exploits vulnerabilities and leverages legitimate processes to avoid detection while providing attackers extensive remote control capabilities.