For decades, fraudsters have attempted to separate people from their hard-earned money by purporting to be an exiled member of a royal family. Historically, this was done via phone calls and written letters to potential victims. Throughout the years, these “members” of the monarchy were able to successfully exploit peoples good will, and often greed, to steal untold amounts of ... READ MORE
Business Email Compromise
Mass Mailing Attack from NOBELIUM
On May 25, 2021, the campaign escalated as NOBELIUM, the same group behind the 2020 SolarWinds attacks, leveraged the legitimate mass-mailing service, Constant Contact, to masquerade as a US-based development organization and distribute malicious URLs to a wide variety of organizations and industry verticals. Using the legitimate mass mailing service Constant Contact, NOBELIUM ... READ MORE
Microsoft Exchange – CVE-2021-26855+
On March 2, 2021, Microsoft released several security updates to address at least seven critical vulnerabilities in supported versions of on-premise Microsoft Exchange Server. These vulnerabilities were observed being used in limited targeted attacks; however, due to the critical nature and publication of these vulnerabilities, Microsoft released guidance that all customers ... READ MORE