CyberSecurityBoard
Sponsor Register Login

SideWinder Hacker Group Hosting Fake Outlook Portals to Steal Credentials

The SideWinder hacker group has been identified hosting fake Outlook login portals as part of a sophisticated phishing campaign aimed at stealing user credentials. These counterfeit portals are designed to closely mimic legitimate Microsoft Outlook login pages, deceiving victims into entering their sensitive information. This tactic is part of SideWinder's broader strategy to infiltrate organizations, primarily targeting government and defense sectors in South Asia. The group leverages social engineering and spear-phishing emails to lure victims to these fake portals, which are hosted on compromised or malicious domains. Once credentials are harvested, SideWinder uses them to gain unauthorized access to corporate networks, potentially leading to data breaches and espionage activities. Security experts recommend organizations to implement multi-factor authentication, conduct regular phishing awareness training, and monitor network traffic for unusual login attempts to mitigate such threats. Additionally, users should verify URLs carefully and avoid clicking on suspicious links in unsolicited emails. This incident underscores the persistent threat posed by advanced persistent threat (APT) groups like SideWinder, emphasizing the need for robust cybersecurity defenses and continuous vigilance against evolving phishing tactics.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 03 Oct 2025 09:45:17 +0000


Cyber News related to SideWinder Hacker Group Hosting Fake Outlook Portals to Steal Credentials

SideWinder Hacker Group Hosting Fake Outlook Portals to Steal Credentials - The SideWinder hacker group has been identified hosting fake Outlook login portals as part of a sophisticated phishing campaign aimed at stealing user credentials. These counterfeit portals are designed to closely mimic legitimate Microsoft Outlook ...
3 months ago Cybersecuritynews.com SideWinder
Microsoft says button to restore classic Outlook is broken - Since the beginning of the year, it has addressed other Outlook issues, including one that causes classic Outlook to crash when writing, replying to, or forwarding an email, and another one that led to Classic Outlook and Microsoft 365 applications ...
10 months ago Bleepingcomputer.com
CVE-2022-50280 - In the Linux kernel, the following vulnerability has been resolved: ...
3 months ago
Microsoft fixes Outlook Desktop crashes when sending emails - Microsoft has fixed a known issue causing Outlook Desktop clients to crash when sending emails from Outlook.com accounts. These problems were first reported on Microsoft's community website and other social networks by customers saying they were ...
2 years ago Bleepingcomputer.com
Microsoft: Outlook clients not syncing over Exchange ActiveSync - Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. Exchange ActiveSync is an Exchange synchronization protocol using HTTP and XML to let users ...
1 year ago Bleepingcomputer.com
SideWinder Adopts New ClickOnce-Based Loader to Evade Detection - SideWinder, a known cyber espionage group, has recently updated its attack methodology by adopting a new ClickOnce-based loader. This evolution in their tactics allows them to better evade detection by traditional security solutions. ClickOnce is a ...
2 months ago Thehackernews.com SideWinder
Microsoft fixes button that restores classic Outlook client - Since the start of the year, it has fixed other Outlook issues, including one that led to Classic Outlook and Microsoft 365 applications crashing on Windows Server 2016 or Windows Server 2019 systems and another one that triggers classic Outlook ...
9 months ago Bleepingcomputer.com
Microsoft Outlook December updates trigger ICS security alerts - Microsoft is investigating an issue that triggers Outlook security alerts when trying to open. ICS calendar files after installing December 2023 Patch Tuesday Office security updates. The company also revealed that the security warning will be ...
1 year ago Bleepingcomputer.com CVE-2023-35636
Microsoft fixes connection issue affecting Outlook email apps - Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. More details on how to use app passwords with apps without two-step verification support can be found in this support ...
1 year ago Bleepingcomputer.com
Key Group uses leaked builders of ransomware and wipers | Securelist - The first discovered sample of Key Group, the Xorist ransomware, established persistence in the system by changing file extension associations. The .huis_bn extension added to encrypted files in the early versions of Key Group samples, Xorist and ...
1 year ago Securelist.com
Akamai discloses zero-click exploit for Microsoft Outlook - While examining a previous bypass mitigation, Akamai Technologies discovered two new Windows vulnerabilities that could allow an attacker to create a zero-click exploit against Microsoft Outlook clients. In a two-part report published Monday, Akamai ...
2 years ago Techtarget.com CVE-2023-35384 CVE-2023-36710 CVE-2023-23397 CVE-2023-29324
Russian Espionage Group Hammers Zero-Click Microsoft Outlook Bug - An espionage group linked to the Russian military continues to use a zero-click vulnerability in Microsoft Outlook in attempts to compromise systems and gather intelligence from government agencies in NATO countries, as well as the United Arab ...
2 years ago Darkreading.com CVE-2023-23397 Fancy Bear APT28
Microsoft fixes Outlook drag-and-drop broken by Windows updates - "After installing the January 2025 Windows non-security preview update and subsequent updates on devices running Windows 11, version 24H2, you may find that you are not able to drag and drop emails or calendar items to folders in classic Outlook," ...
10 months ago Bleepingcomputer.com
CVE-2019-1205 - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security ...
1 year ago
CVE-2019-1201 - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security ...
1 year ago
Microsoft Might Be Sharing Your Outlook Emails Without Your Knowledge - Microsoft's data collection practices are under scrutiny, as a recent report suggests the Outlook for Windows app might be sharing more user information than expected. With this app now default on Windows 11, the impact could be widespread. ...
1 year ago Cysecurity.news
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
1 year ago Securityweek.com Silence
SideWinder APT Group Attacking Military & Government Entities With New Tools - Recent findings reveal that SideWinder has developed a massive new infrastructure to distribute malware and control compromised systems, with a notable increase in attacks against maritime infrastructures, logistics companies, and entities related to ...
10 months ago Cybersecuritynews.com Sidewinder CVE-2017-11882
Strela Stealer Malware Attacking Microsoft Outlook Users To Steal Login Credentials - The Strela Stealer, named after the Russian word for “Arrow,” has been actively targeting systems since late 2022, with a precise focus on exfiltrating email credentials from both Microsoft Outlook and Mozilla Thunderbird email clients. ...
10 months ago Cybersecuritynews.com
Russian bulletproof hosting service Aeza Group sanctioned by US for ransomware work | The Record from Recorded Future News - Aeza Group is a bulletproof hosting (BPH) services provider, the department said, that allows cybercriminals to avoid law enforcement while renting IP addresses, servers and domains used for disseminating malware, supporting darknet markets and ...
6 months ago Therecord.media LockBit
BulletProof Hosting Provider Qwins Ltd Fueling Global Malware Campaigns - This systematic approach to network utilization demonstrates the sophisticated nature of modern bulletproof hosting operations and their critical role in enabling large-scale cybercriminal campaigns across multiple malware families and attack ...
5 months ago Cybersecuritynews.com
Russian hackers exploiting Outlook bug to hijack Exchange accounts - Microsoft's Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. The targeted ...
2 years ago Bleepingcomputer.com CVE-2023-23397 CVE-2023-38831 CVE-2021-40444 APT28
SideWinder Hacking Group Uses ClickOnce-Based Infection Chain - The SideWinder hacking group has been observed employing a sophisticated ClickOnce-based infection chain to compromise targets. This technique leverages Microsoft's ClickOnce deployment technology to deliver malicious payloads stealthily, bypassing ...
2 months ago Cybersecuritynews.com SideWinder
Microsoft warns of CPU spikes when typing in classic Outlook - In recent months, the company also addressed a slew of other Microsoft 365 and Office issues, including a widespread licensing issue blocking access to Microsoft 365 services for some customers with Family subscriptions and a bug triggering Outlook ...
8 months ago Bleepingcomputer.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)