Universities’ Paychecks Hijacked: Cyber Pirates Strike via Phishy Payroll Heist!
Microsoft’s Threat Intelligence team warns of a new cybercrime spree targeting US university payroll systems. Dubbed “payroll pirate,” the audacious attacks by Storm-2657 involve phishing, breaching HR software like Workday, and rerouting salaries to their accounts. The real treasure? Exploiting poor MFA hygiene and configurations while universities remain blissfully unaware.
Hot Take:
Ahoy, mateys! Looks like Storm-2657 has set sail on the high seas of university payroll systems, plundering paychecks faster than you can say “walk the plank.” If only universities had installed some digital cannons to fend off these pesky cyber pirates. Avast, ye HR departments, it’s time to bolster those defenses before your next paycheck gets swallowed by the cyber abyss!
Key Points:
- Storm-2657 targets US university payroll systems by exploiting HR software.
- Cybercriminals use phishing emails and AiTM techniques to hijack salaries.
- Infiltrated accounts lead to redirected pay packets into attackers’ bank accounts.
- Microsoft urges the adoption of stronger MFA and improved security measures.
- 11 compromised accounts at three universities have affected 6,000 email accounts.