The fraudsters ran their campaigns from the cloud and used phishing attacks and email forwarding rules to steal financial information Microsoft has shut down a sprawling Business Email Compromise (BEC) operation that had its infrastructure hosted in several web services. Using these cloud-based assets, the threat actors infiltrated hundreds of mailboxes across multiple organizations and…

Most medical and fitness apps in Google Play have tracking capabilities enabled and their data collection practices aren’t transparent As many as 88 percent of almost 21,000 mobile health (mHealth) applications that are accessible on the Google Play Store from Australia include code that can access and even share users’ personal data with third parties,…

OSINT can be used by anyone, both for good and bad ends – here’s how defenders can use it to keep ahead of attackers The cybersecurity industry often gets obsessed with technology: the latest exploits, hacking tools and threat hunting software. In reality, a lot comes down to people. It’s people who develop malware, people…