Cybercriminals have been found to use compromised email addresses to distribute malicious OAuth apps, spoofing popular cloud and productivity apps to steal Microsoft 365 login credentials. The apps trick users into granting specific permissions, thereafter redirecting victims to phishing pages, collecting their login details and spreading malware. The campaign was highly targeted, affecting organisations across several industries in Europe and the US.

News – Lehigh Valley Health Network to pay $65 million in landmark ransomware settlement – TEISS
Lehigh Valley Health Network will pay a landmark $65 million in a settlement in a ransomware case. This will be the largest sum ever paid