Community Discussions

Recent Discussions

XRed Malware Campaign Targets Multinational Organizations : 10 December 2025
Key Points Malware campaign impersonating the Indian Ministry of Finance and Income Tax Department Low-volume, strategically targeted campaign predominantly spanning financial services, professional services, and corporate services sectors across UK and US businesses with entity in India VBS script downloads and executes…
Holiday Party Invitations Deliver Remote Access Tools : 5 December 2025
Key Points Threat actors are leveraging the holiday season by impersonating legitimate party invitation services like Punchbowl to distribute remote monitoring and management (RMM) tools Targeting US businesses predominately in the Finance, Professional Services (Accounting, Legal) and Real Estate industries Links within…
Introducing Multi-Vector Threat Protection
Introducing Multi-Vector Threat Protection: Correlated Intelligence, Complete Protection We're excited to announce the general availability of Multi-Vector Threat Protection for Email Security Cloud Gateway customers with CyberGraph or Advanced BEC Protection. This enhanced capability represents a significant evolution in…
HR Bonus-Themed QR Code Phishing Campaign Exploiting Year-End Corporate Processes : 21 November 2025
Key Points Threat Type: Credential harvesting via QR code phishing Brand Impersonated: DocuSign, company HR departments Primary Vector: Compromised email accounts sending PDF attachments with embedded QR codes Campaign Overview The Mimecast Threat Research team has identified an active credential harvesting campaign…
New Employee Phishing Campaign Targets Microsoft 365 Credentials : 05 November 2025
Key Points Credential harvesting campaign impersonating new employee notifications across multiple organizations Multi-stage attack flow utilizing fake verification pages and CAPTCHA to evade detection Leverages FlowerStorm phishing-as-a-service platform with Adversary-in-the-Middle capabilities to bypass MFA Campaign…
Common Social Engineering Lures Used to Deploy Remote Monitoring Management Tools for Initial Access
10 October 2025 Key Points Continued shift from traditional malware delivery to abuse of legitimate Remote Monitoring and Management (RMM) tools for initial access Campaigns targeting organizations across multiple industries using social engineering lures including fake payment receipts, meeting invitations, and tax…
Services Australia Impersonation Drives Year-Round Credential Theft Operation : 17 October 2025
Key Points MCTO3001 - Threat operation with Services Australia and Centrelink impersonation campaigns across multiple sectors Infrastructure abuse of legitimate email services (SendGrid, Mailgun, Office 365) with Australian Gov display name Campaign objective: Credential harvesting and data theft through government…
Conflict-Themed Social Engineering Distributes RATs Across Eastern Europe : 17 October 2025
Key Points MCTO1025 also referred to as UCA- 0050 a cybercrime group conducting sustained year-long campaign targeting Ukraine, Romania, and Moldova from single ASN infrastructure Sophisticated social engineering campaigns impersonating Ukrainian and Russian security services, evacuation plans, and military mobilization…
SharePoint File Sharing Abuse with CAPTCHA Evasion : 17 October 2025
Key Points Threat actors exploiting SharePoint file sharing services for credential harvesting Multi-stage attack chain using compromised accounts and sophisticated evasion techniques Campaigns require Ctrl+Click interaction to bypass automated security analysis Fake Cloudflare CAPTCHA verification preceding Microsoft 365…
HR-Themed campaign Shifts from Credentials to RMM Tools : 17 October 2025
Key Points Long-running credential harvesting operation conducted by MCTO3022 targeting organizations with HR department impersonation Campaigns employ employee handbook compliance requirements and payroll authorization requests Latest campaign evolution includes Adobe PDF Sign impersonation that drops PDQConnect RMM tools…
Holiday Party Invitations Deliver Remote Access Tools : 5 December 2025
Key Points Threat actors are leveraging the holiday season by impersonating legitimate party invitation services like Punchbowl to distribute remote monitoring and management (RMM) tools Targeting US businesses predominately in the Finance, Professional Services (Accounting, Legal) and Real Estate industries Links within…
10 Emerging Cyber Threats To Watch Closely In 2026
Good day Community - I found this article in Cyber Management Alliance and wanted to share it and get your thoughts: no surprise AI is on the list 😎 "Emerging cyber threats are racing through blind spots that didn’t even exist a year ago. What used to be a “rare exploit” is now a Tuesday afternoon. And the problem is that…
Mimecast Global Threat Intelligence Report – Policy Recommendations
Essential Mimecast Configurations Based on 2025 Global Threat IntelligenceThe cybersecurity landscape continues to evolve at breakneck speed, and our 2025 Global Threat Intelligence Report reveals concerning trends that demand immediate attention. Advanced business email compromise attacks are becoming more sophisticated,…
IT workers in video game space need to be aware of security risks, solutions
Chris Anley, a chief scientist with research firm NCC Group, told IT Brew that security issues in games run the gamut from platform-related concerns like social engineering to standard cyberattacks like ransomware. Those threats aren’t ignored, even if they’re not front-and-center for the IT pros and developers working on…
When it’s time for cyber insurance, here’s what a CFO needs from the CISO
Good day Community - I am interested in hearing your thoughts about this article from IT BREW: "Matt Hillary, chief information security officer (CISO) and SVP of security at Drata, a security and compliance automation platform, has to sit down annually with the chief financial officer (CFO) and general counsel (GC) to ask…
CometJacking: One Click Can Turn Perplexity's Comet AI Browser Into a Data Thief
AI is here to stay, and Perplexity has launched its new browser, Comet. Before you download it or if you are using it, please see this article from The Hacker News: https://thehackernews.com/2025/10/cometjacking-one-click-can-turn.html Please share your thoughts on AI Browsers below. Cheers, Toby
Astaroth Infostealer Campaign : 16 June 2025
Key Points What you'll learn in this notification Information stealer Trojan that predominantly targets Brazil and Mexico with a financial motive. Employs country-specific social engineering tactics. Leverages newly registered, low-reputation domains that impersonate legitimate services. Samantha Clarke and the Mimecast…
German Tax and Accident Insurance Institution Impersonation : 03 June 2025
Key Points What you'll learn in this notification Attackers exploit institutional trust through sophisticated German tax authority impersonation. Emails appear to be generated by custom spam scripts with forged Thunderbird headers and high variability in subjects and sending email addresses Predominantly targeting…
Scattered Spider using fake CAPTCHA to evade detection : 22 May 2025
Key Points What you'll learn in this notification More than 150k phishing campaigns impersonating service providers including, SendGrid, HubSpot, Google and Okta Predominately sent from white-labelled SendGrid accounts Use of fake CAPTCHA to evade detection Recent campaigns predominately targeting Retail and Software as a…
OAuth Abuse : 5th May 2025
Key Points What you'll learn in this notification Campaign using OAuth applications Users are redirected to malicious pages Campaign Objective: possible Reconnaissance and Data Collection plus credential phishing Recent campaigns predominately target Real Estate and Professional Service businesses in the US The Mimecast…