Three APTs have been observed using RTF template injection, and researchers warn more threat groups may adopt the new tactic.
Microsoft researchers said TodayZoo, used for a massive campaign aimed at stealing victims’ credentials, was pieced together from an old phishing kit template.
APT35 attackers are using a new technique in their phishing attacks, which leverages a function from Telegram.
Microsoft researchers have disrupted a phishing and business email compromise campaign that used several separate cloud platforms to disguise its operations.
Attackers are building innovative voice-based social engineering tactics into their malware and phishing campaigns.