Microsoft’s Security Intelligence team has issued an alert to Office 365 users and admins to be on the lookout for a “crafty” phishing email with spoofed sender addresses.

Cybercriminals are using shell scripts in various sophisticated evasion techniques. Security analysts published a report describing six ways hackers use malicious Linux shell scripts to hide their attacks. They strongly recommend the use of EDR systems for monitoring suspicious events, processes, and network traffic, along with the patching of systems and firmware.

A new survey of IT security leaders showed almost 80 percent believe remote workers are at more risk for phishing attacks now because they’re isolated from their organizations’ security teams.

The DoppelPaymer ransomware operation was rebranded as Grief with identical encryption algorithms, i.e. 2048-bit RSA and 256-bit AES and other minor code changes. The new effort by DoppelPaymer appears to be more about staying low profile than going sophisticated in nature.

A number of British universities have been awarded a grant to explore the security issues surrounding IoT and smart home devices, as well as to determine ways to warn consumers of the risks.

Screenshots of publicly accessible backdoors that revealed the emails and personal details of over 20,000 applicants started appearing online raising safety and privacy concerns.

Kaspersky spotted a new Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange vulnerabilities in attacks aimed at high-profile victims.

The videoconferencing company said it would pay $85 million to settle the suit, which claimed that it violated users’ privacy, in part by allowing hackers to interrupt online meetings.

The phishing email appears to be sent by WeTransfer as it bears the sender name Wetransfer and has the title View Files Sent Via WeTransfer. The similarity is enough to come across as a genuine email.

According to a copy of the dump obtained by The Record, the leaked files contain the source code of the FIFA 21 soccer game, including tools to support the company’s server-side services.