Companies in Germany are facing a new wave of cyberattacks. The State Criminal Police Office of North Rhine-Westphalia has issued a warning. Cybercriminals are targeting Microsoft 365, particularly email and document management, as a way to launch their attacks.
“Unknown perpetrators take over email accounts and then send messages on behalf of the affected companies. These emails contain dangerous attachments or links. The emails look genuine because they do not contain any language errors, but often contain real previous conversations. As soon as a recipient clicks on the links, the IT system can be immediately attacked and data loss or theft as well as other attacks, such as phishing attacks, can occur” the press release reads.
By infosecbulletin
/ Monday , June 24 2024
LockBit claimed that it breached Federal Reserve Board (Federalreserve.gov), the central banking system of the United States and exfiltrated 33...
Read More
By infosecbulletin
/ Monday , June 24 2024
Cyber attack compromised Indonesia's national data center, causing trouble with immigration checks at airports. Attacker demanded an $8 million ransom,...
Read More
By infosecbulletin
/ Sunday , June 23 2024
ESET Issued security patch for privilege escalation flaw in its Windows security products. This flaw, called CVE-2024-2003 (CVSS 7.3), was...
Read More
By infosecbulletin
/ Saturday , June 22 2024
A threat offer to sell a zero-day exploit for Atlassian's Jira in a underground forum. This exploit can be used...
Read More
By infosecbulletin
/ Friday , June 21 2024
The US plans to ban the sale of Kaspersky antivirus software due to its alleged ties to the Kremlin. Gina...
Read More
By infosecbulletin
/ Friday , June 21 2024
A group believed to be linked to China has hacked multiple telecom operators in an Asian country since 2021, according...
Read More
By infosecbulletin
/ Thursday , June 20 2024
Certified Information Systems Auditor (CISA) is a globally recognized professional certification for information systems audit, control, and security. It's offered...
Read More
By infosecbulletin
/ Thursday , June 20 2024
DataDog Security Labs found a worrying campaign targeting Amazon Web Services (AWS), showing a new wave of harmful activity aimed...
Read More
By infosecbulletin
/ Wednesday , June 19 2024
CISA and the FBI released guidance, Modern Approaches to Network Access Security, with support from other organizations including New Zealand’s...
Read More
By infosecbulletin
/ Tuesday , June 18 2024
On June 18, 2024, CISA released an advisory about Industrial Control Systems (ICS). These advisories give important information about security...
Read More
According to the press release “many companies are currently affected by cyber attacks on Office 365 (email and document management). These attacks also pose a risk to companies connected to the corporate network as well as to their customers and communication partners.”
The police say that cybercriminals often update their dangerous attachments, which may not always be detected by existing virus scanners. The press release does not specify the techniques or procedures used by hackers or provide detailed countermeasures.
Microsoft has updated its guidelines on how users can identify if their email account has been hacked and what they should do about it. Signs of a compromised account may include frequent password changes, missing or deleted emails, unexpected email forwarding, and inability to send emails.
Source: Press release of the State Criminal Police Office of North Rhine-Westphalia (LKA NRW), Cybernews