Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing ...

A two-step phishing attack is leveraging Microsoft Visio files (.vsdx) and SharePoint, marking a new chapter in cyber deception, experts have warned. Perception Point’s security researchers ...

A threat actor tracked as 'EncryptHub,' aka Larva-208, has been targeting organizations worldwide with spear-phishing and ...

Below is Redmond's diagram illustrating the flow of ... After gaining the victim's trust, the attackers send phishing emails with spoofed Microsoft Teams meeting invites, according to the researchers.

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing. The targets are in ...

Russia-backed threat actors have attacked a wide range of organizations in a device-code phishing campaign that has been active since at least August of 2024. Microsoft Threat Intelligence warned ...

A new phishing campaign has been spotted using ‘device code phishing’ through Microsoft Teams to target governments, NGOs, and other industries across Europe, North America, Africa ...

Researchers have uncovered a sustained and ongoing campaign by Russian spies that uses a clever phishing technique to hijack Microsoft 365 accounts belonging to a wide range of targets ...

Microsoft explains: “The attacks use a specific phishing technique called ‘device code phishing’ that tricks users to log into productivity apps, while Storm-2372 actors capture the ...

Microsoft has spotted a new phishing attack vector in the wild Storm-2372 is stealing access tokens through Microsoft Teams The group has been linked to Russia with medium confidence A new ...