Credential Harvesting
The latest Credential Harvesting coverage — news, analysis, and updates from the WindowsNews.AI desk.
Storm-2561 Campaign Targets VPN Users with SEO-Poisoned Trojanized Clients
Microsoft's threat intelligence team has identified a resurgence of credential harvesting attacks targeting VPN users through sophisticated SEO poisoning techniques. The cybercrime group tracked as...
Storm-0501 Abuses Entra Connect Sync to Launch Cloud-Based Ransomware, Microsoft Reveals
Storm-0501, a financially motivated threat actor, has pulled off a brazen hybrid attack that began with a compromised on-premises Active Directory, pivoted through Entra Connect Sync to seize Global...
Internal Phishing Threats Exploiting Microsoft 365 Direct Send: Understanding and Defending Against SMTP Relay Abuse
A silent crisis is unfolding within Microsoft 365 environments as attackers turn the platform’s own trusted features against its users. The rise of sophisticated phishing campaigns leveraging...
The 2025 Surge in Sophisticated Phishing Attacks Targeting Microsoft Accounts: Strategies and Defenses
In 2025, the battleground for digital security has shifted dramatically, with Microsoft account holders standing on the front lines of an escalating war against increasingly sophisticated phishing...
The Evolution of Cloud Phishing: Microsoft OAuth Exploitation and AI-Driven Attacks
Phishing campaigns in the cloud era have undergone a fundamental evolution, leveraging both novel attack surfaces and the expanded reach of cloud identity management systems. Nowhere is this...
Defending Against Scattered Spider: Securing Internal Messaging Platforms from Advanced Digital Deception
The threat landscape for enterprise IT has never been more volatile, with the emergence of groups like Scattered Spider redefining the boundaries of digital deception. Unlike many earlier...
AI-Driven Phishing Attacks: How to Secure Microsoft 365 & Cloud Services
The cybersecurity landscape is undergoing a seismic shift as AI-powered phishing attacks target cloud services like Microsoft 365 and Okta with unprecedented sophistication. These next-generation...
RemoteMonologue Exploits DCOM & NTLMv1 in Fileless Windows Cyber Attack
A new cybersecurity threat dubbed RemoteMonologue is exploiting legacy Windows protocols to bypass modern defenses, putting enterprises at risk of credential theft and lateral movement. This...
Safeguarding Microsoft 365 Against the Surge in HTML-Based Phishing Attacks
In recent months, cybersecurity experts have observed a significant uptick in sophisticated phishing attacks targeting Microsoft 365 users. These attacks often employ malicious HTML attachments to...
State-Sponsored Hackers Exploit Messaging App Vulnerabilities in Cyber Warfare
The encrypted silence of secure messaging platforms is being shattered by a new wave of sophisticated cyber incursions, as state-sponsored hacking groups increasingly weaponize previously unknown...
New Phishing Threat Targets Microsoft 365 Users for Credential Harvesting
A sophisticated new phishing campaign is exploiting Microsoft 365's trusted reputation to harvest user credentials at an alarming scale. Security researchers have identified this threat as one of the...
Combating the DocuSign Azure Phishing Breach: Protecting European Businesses from Credential Harvesting Attacks
Preventing Phishing: Combatting the DocuSign Azure Breach in Europe You’ve got mail! It’s from DocuSign, appearing urgent and legitimate—a fresh PDF or a link prompting you to review important...