Security
  • Menu
  • All Tips
  • FAQs
  • Categories
  • Guidelines
  • Data Security Support
  • Tools
  • Have I Been Pwned?
  • Pwned Passwords
  • Email Checker
  • Password Generator
  • My IP
  • Privacy
DATA PRIVACY NOTICE AND CONSENT FORM

Cloudstaff is committed to protecting the privacy of its data subjects, and ensuring the safety and security of personal data under its control and custody. This policy provides information on what personal data is gathered by Cloudstaff Security Tips about its current, past, and prospective employees; how it will use and process this; how it will keep this secure; and how it will dispose of it when it is no longer needed. This information is provided in compliance with the Philippine Republic Act No. 10173, also known as, the Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations (DPA-IRR). It sets out Cloudstaffs’ data protection practices designed to safeguard the personal data of individuals it deals with, and also to inform such individuals of their rights under the Act.

The personal data obtained from this application is entered and stored within the Cloudstaff system and will only be accessed by the Cloudstaff’s authorized personnel. Cloudstaff have instituted appropriate organizational, technical and cloud security measures (Amazon Web Services Shared Responsibility) to ensure the protection of the users personal data.

Information collected will be automatically deleted after three (3) years inactivity.

Furthermore, the information collected and stored in the application are as follows:
  • Given Name
  • Family Name
  • Avatar [Profile Picture]

USER CONSENT

I have read the Data Privacy Statement and expressed my consent for Cloudstaff to collect, record, organize, update or modify, retrieve, consult, use, consolidate, block, erase or destruct my personal data as part of my information.

I hereby affirm my right to be informed, object to processing, access and rectify, suspend or withdraw my personal data, and be indemnified in case of damages pursuant to the provisions of the Republic Act No. 10173 of the Philippines, Data Privacy Act of 2012 and its corresponding Implementing Rules and Regulations.

If you want to exercise any of your rights, or if you have any questions about how we process your personal data, please contact Cloudstaff’s Data Protection Officer, through the following channel:

Email to privacy@cloudstaff.com

  • Log in Now
Cyberattack Targets 26 Countries in Sophisticated Microsoft Phishing Scheme

Microsoft has disclosed a large-scale phishing campaign that targeted more than 35,000 users across 13,000 organizations in 26 countries between April 14–16, 2026. Around 92% of the victims were based in the U.S., with healthcare, finance, professional services, and technology sectors heavily affected.

The attackers used convincing “code of conduct” themed phishing emails sent through legitimate email delivery services. The messages included PDF attachments and urgent subject lines designed to pressure recipients into clicking malicious links.

Victims were redirected through multiple CAPTCHA checks and fake verification pages before landing on adversary-in-the-middle (AiTM) phishing sites that stole Microsoft credentials and authentication tokens in real time, allowing attackers to bypass multi-factor authentication (MFA).

Microsoft also reported a sharp rise in QR code phishing during Q1 2026, with attacks increasing 146% from January to March. The company detected around 8.3 billion phishing threats during the quarter, with credential theft remaining the primary objective of most campaigns.

Researchers further warned about the growing abuse of trusted platforms such as Amazon Simple Email Service (SES), which attackers use to send phishing emails that can bypass standard email security checks.

Mitigation Recommendations

  • Be cautious with unexpected emails, especially those urging urgent action
  • Avoid opening unknown PDF attachments or clicking suspicious links
  • Avoid scan QR codes from emails you weren’t expecting or don’t trust
  • Double-check sender details, even if the message looks official
  • Report suspicious emails to your IT or security team immediately
  • Use strong, unique passwords for different accounts
  • Enable multi-factor authentication whenever possible
  • Stay alert for messages asking you to log in or verify account details unexpectedly
  • Attend basic cybersecurity or phishing awareness training if available

Source: https://thehackernews.com/2026/05/microsoft-details-phishing-campaign.html

Christine (TinSu) Sugui | News
Created: May 06 2026 | Updated: 1 day, 9 hours ago
Comments

  2021 © Mazer

Security Tips v2.0.1 | Crafted with by Saugi