Found 16 bookmarks
Custom sorting
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The campaign uses a social engineering technique called ClickFix to deliver multiple credential-stealing malware in order to conduct financial fraud and theft. […]
#microsoft#EN#2025#Phishing#campaign#credential-stealing#malware#Booking.com#ClickFix
·microsoft.com·
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Storm-2372 conducts device code phishing campaign
Storm-2372 conducts device code phishing campaign
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Our ongoing investigation indicates that this campaign has been active since August 2024 with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. Storm-2372’s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East. Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.
#microsoft#EN#2025#Storm-2372#phishing#campaign#Russia
·microsoft.com·
Storm-2372 conducts device code phishing campaign
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog
In mid-November 2024, Microsoft Threat Intelligence observed the Russian threat actor we track as Star Blizzard sending their typical targets spear-phishing messages, this time offering the supposed opportunity to join a WhatsApp group. This is the first time we have identified a shift in Star Blizzard’s longstanding tactics, techniques, and procedures (TTPs) to leverage a […]
#microsoft#Threat#Intelligence#Star-Blizzard#WhatsApp#spear-phishing#campaign#research
·microsoft.com·
New Star Blizzard spear-phishing campaign targets WhatsApp accounts | Microsoft Security Blog