Manufacturers Lose Azure Creds to HubSpot Phishing Attack

Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe.

Follow Dark Reading:

December 19, 2024

LATEST SECURITY NEWS & COMMENTARY Manufacturers Lose Azure Creds to HubSpot Phishing Attack Cyberattackers used fake DocuSign links and HubSpot forms to try to solicit Azure cloud logins from hundreds of thousands of employees across Europe. Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud. Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. Recorded Future: Russia's 'Undesirable' Designation Is a Compliment The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime. India Sees Surge in API Attacks, Especially in Banking, Utilities The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target. Interpol: Can We Drop the Term 'Pig Butchering'? The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language. The Importance of Empowering CFOs Against Cyber Threats Working closely with CISOs, chief financial officers can become key players in protecting their organizations' critical assets and ensuring long-term financial stability. MORE NEWS / MORE COMMENTARY HOT TOPICS Does Desktop AI Come With a Side of Risk? Artificial intelligence capabilities are coming to a desktop near you — with Microsoft 365 Copilot, Google Gemini with Project Jarvis, and Apple Intelligence all arriving (or having arrived). But what are the risks? To Defeat Cybercriminals, Understand How They Think Getting inside the mind of a threat actor can help security pros understand how they operate and what they're looking for — in essence, what makes a soft target. Texas Tech Fumbles Medical Data in Massive Breach The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks. The Education Industry: Why Its Data Must Be Protected The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment. MORE PRODUCTS & RELEASES CISA Directs Federal Agencies to Secure Cloud Environments Wallarm Releases API Honeypot Report Highlighting API Attack Trends Delinea Joins CVE Numbering Authority Program MORE PRODUCTS & RELEASES EDITORS' CHOICE Azure Data Factory Bugs Expose Cloud Infrastructure Three vulnerabilities in the service's Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware. LATEST FROM THE EDGE CISA Releases Draft of National Cyber Incident Response Plan The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident. LATEST FROM DR TECHNOLOGY Bridging the 'Keyboard-to-Chair' Gap With Identity Verification Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability. LATEST FROM DR GLOBAL Thai Police Systems Under Fire From 'Yokai' Backdoor Hackers are abusing legitimate Windows utilities to target Thai law enforcement with a novel malware that is a mix of sophistication and amateurishness. WEBINARS Securing Your Cloud Data Across the Attack Timeline The Dirt on ROT Data View More Dark Reading Webinars >> WHITE PAPERS IDC Analyst Brief: Enhancing Incident Response with Automated Investigation Workflows From security alert to action: Accelerating incident response with automated investigations Enhancing Cybersecurity: The Critical Role Of Software Security Training 4 Steps to Deploying an AppSec Training Program Solution Brief: Introducing the runZero Platform The State of Cloud Native Security Report 2024 Generative AI Gifts View More White Papers >> FEATURED REPORTS Managing Third-Party Risk Through Situational Awareness 2024 InformationWeek US IT Salary Report View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Operated by TechTarget, Inc. and its subsidiaries, 275 Grove Street, Newton, Massachusetts, 02466 US To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | TechTarget, Inc. | Privacy Statement | Terms & Conditions | Contact Us