Security Report – 14 Nov 2025

Free phishing scam website vector

14 Nov Security Report – 14 Nov 2025

Posted at 11:47h in Security Breach, TCT News by

Modern businesses now operate almost entirely in the cloud. From productivity suites like Microsoft 365 and Google Workspace to CRMs and accounting platforms, organisations rely heavily on SaaS applications to power their most critical business operations. For MSPs, this means your clients’ data no longer lives behind a secure firewall. It’s scattered across dozens of SaaS apps and potentially exposed to dozens of risks. As more organisations move toward a cloud-first IT strategy, SaaS applications have become prime targets for cybercriminals. As SaaS threats evolve, MSPs must continuously refine their security strategies and align their services to better protect clients. Staying ahead of today’s risks requires layered, automated and proactive defense.

Recent Breaches

 

North America – Booking.com – Hospitality & Leisure 

Exploit: Phishing

Risk to Business: Severe: A large-scale phishing campaign is targeting the global hospitality industry, with attackers aiming to gain unauthorized access to hotel booking platforms, including Booking.com. In this campaign, hotel managers are being tricked into visiting ClickFix-style phishing pages that steal their login credentials and install PureRAT ransomware. Attackers use compromised email accounts to send convincing spear-phishing messages that impersonate legitimate booking platforms. Once hotel staff click on these links, they will be redirected to malicious websites that will install ransomware and harvest credentials. Active since April 2025, this operation is part of a growing trend of phishing attacks on hotel booking systems. Threat actors either sell stolen booking platform accounts on cybercrime forums or use them to send fraudulent emails to hotels and guests, thereby committing financial fraud.

United States – The University of Pennsylvania – Education

Exploit: Hacking

Risk to Business: Moderate: The University of Pennsylvania confirmed a massive data breach on November 5, which exposed the personal information of students, alumni, staff and community affiliates. The breach reportedly exposed more than 1.2 million records. The cyber incident came to light on October 31, when several members of the Penn community received emails claiming to be from the university’s Graduate School of Education (GSE). The university later confirmed that certain systems linked to its development and alumni activities had been compromised. The stolen data includes personally identifiable information (PII) — some of which dates back decades — along with banking details. However, the university said that no medical information was involved in the breach. According to Penn, the attack began with a social engineering scam. After learning of the incident, university staff quickly locked down the affected systems but were unable to prevent the fraudulent emails from being sent or the sensitive information from being stolen.

Talk to a TCT team member today about implementing IT strategy plan for your business.

Robert Brown
14/11/2025

Related Articles:
4 Ways Small Businesses Can Leverage Copilot for Microsoft 365
Stable Connection Is Essential for Your Business