Category Archives: Incidents

COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate

COVID-19-related exploitation and abuse is on the rise as vaccine data opens new frontiers for threat actors. This week, the Indiana Department of Health issued a notice that the state’s COVID-19 contact-tracing system had been exposed via a cloud misconfiguration, revealing names, emails, gender, ethnicity, race and dates of birth of more than 750,000 people. The incident shows […]

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access to emails about financial transactions. In this blog, we’ll share our technical analysis and journey […]

Rapid7 Source Code Exposed in Codecov Supply Chain Attack

Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach

Enterprise security vendor Rapid7 says it was among the victims of the Codecov software supply chain attack and warned Thursday that data for a subset of its customers was accessed in the breach. Rapid7, widely known for its tools that automate […]