""every employee on earth becomes a target,""
""This was a combination of exploiting people and processes rather than technology,""
""It's technology-adjacent. This was identity theft from pure-play social engineering into exploiting a weaker-than-advised process internally to gain access.""
""The call basically went that this person can't log into their account, they have patients they need to see right now, they need to get immediate access,""
Binary Defense's ARC Labs investigated a December 2025 incident in which an attacker redirected a physician's salary into their own account. The attacker used compromised credentials for a shared mailbox at a healthcare facility to identify a target. No evidence of phishing was found, and investigators assume the credentials originated from an earlier breach. The attacker impersonated the physician during a help-desk call and convinced staff to reset the password and MFA token. That access enabled the payroll redirection. The attack exploited human and process weaknesses rather than purely technological flaws.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]