If your organization uses Xerox multifunctional devices (and even if it doesn’t) this incident may be of interest. It seems attackers inadvertently exposed more than 1,000 stolen corporate credentials obtained through a Xerox-themed phishing campaign. While 1,000 credentials may not seem significant, this incident represents a typical lure that staff are likely to fall for, especially if your organization uses Xerox devices. According to Check Point, the campaign began in August 2020 using emails purporting to be Xerox scan notifications to lure victims into clicking malicious HTML attachments. Given the campaign managed to bypass email filters (Microsoft Office 365 Advanced Threat Protection), this would make a good security awareness reminder to provide to your organization’s best line of cyber defense (your staff). Read more at threatpost.
You are here
Related Resources
Jun 28, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness
Jun 27, 2024 in Cybersecurity, in Security Preparedness
Jun 27, 2024 in Cybersecurity, in OT-ICS Security, in Security Preparedness