Topic: university targeting
-
Microsoft: Hackers Steal University Payroll in Pirate Attacks
Storm-2657, a cybercrime group, has been targeting U.S. university payroll systems since March 2025, primarily compromising Workday accounts through sophisticated social engineering and exploiting weak multifactor authentication. The attackers use highly customized phishing emails, such as fake c...
Read More » -
Microsoft Warns of "Payroll Pirate" Scam Targeting Employee Paychecks
A phishing campaign called "Payroll Pirate" targets corporate HR accounts to redirect employee paychecks into criminal-controlled bank accounts by manipulating platforms like Workday. Attackers use adversary-in-the-middle techniques to intercept login credentials and multi-factor authentication c...
Read More » -
Sharepoint ToolShell Attacks Strike Global Orgs on 4 Continents
The ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint is a critical zero-day flaw that allows unauthenticated remote attackers to execute arbitrary code and access file systems, bypassing previous vulnerabilities. Microsoft attributes the exploitation to Chinese threat actors like ...
Read More »