Thousands of accounts showed up on hacking forums -- and customers say Disney has been no help.
Using a real Office 365 account at a legitimate company to send out lures helps phishers evade email defenses.
The copycat sites are using valid certificates to be more convincing.
The threats follow a DDos attack bent on taking out the Labour Party's online presence.
A lengthy, multi-stage infection process leads to a duo of payloads, bent on stealing data.
The APT is using small botnets to take espionage aim at military and academic organizations.
The campaign is consistent with emerging tactics from bad actors to use increasingly sophisticated social engineering and spoofing to deliver malware.