Category Archives: Incidents

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions. In this blog, we’ll share our technical analysis and journey […]

Rapid7 Source Code Exposed in Codecov Supply Chain Attack

Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach Enterprise security vendor Rapid7 says it was among the victims of the Codecov software supply chain attack and warned Thursday that data for a subset of its customers was accessed in the breach. Rapid7, widely known for its tools that automate […]

Google Chrome, Microsoft Edge Browser Extensions Infected With Malware Hit 3 Million Users: Avast

Google Chrome and Microsoft Edge extensions containing malware have been downloaded by around 3 million users, security research firm Avastclaims. Its researchers say that they were able to identify at least 28 extensions available on Chrome and Edge browsers that contained malware. These add-ons were billed to facilitate downloading pictures, videos, or other content from […]