For this assignment, we had to search for cybersecurity news, we also received a certificate for completing the cybersecurity training.
A new phishing campaign emerged where QR codes were used to steal Microsoft 265 login credentials. This campaign targets corporate users. The attack begins with victims receiving what appears to be legitimate emails, claiming that users need to verify their accounts/their passwords are expiring.
The emails contain QR codes that victims are instructed to scan, dodging email security solutions. When the QR code is scanned, users are redirected to a fake copy of the login pages that seem to be legit but are not. To avoid this contacting the company/IT for any questions concerning emails. It's good to double-check and make sure if it's authentic or not before clicking or scanning any links and codes.
Source Evaluation:
Who published the content? Tushar Subhra Dutta
Where was it published? Cybersecurity News
When was it published? April 3, 2025
The truthfulness and integrity of the facts: The article cites Palo Alto, which is a cybersecurity company, and Microsoft also has a page about this exact phishing campaign and how they plan to defend against it
How is it written and presented? To inform,. The author has screenshots and links that redirect to the original source of the images.
Links and Citations: Links that direct you to other similar articles.
The article discussed how 3 different companies received a supply-chain attack by a ransomware group named Clop. Direct/indirect victims of the attack included major financial institutions, education service providers, government agencies, healthcare providers, insurance companies, and law firms. Files that contained personal information, such as SSNs, confidential health information, and sensitive data, were compromised.
Source Evaluation:
Who published the content? Tushar Subhra Dutta
Where was it published? Cybersecurity Dive
When was it published? Nov 13, 2023
The truthfulness and integrity of the facts: The article has links that redirect to the source of info, government websites included.
How is it written and presented? To inform, minimal ads, easy to read.
Links and Citations: Links that direct you to other similar articles.
I learned about how often cybersecurity attacks happen, how some can appear legitimate, and how easily information can be breached just by clicking and opening a malicious link or attachment.
I managed to get the certificate by completing all the module and assessments.