News January 23, 2023

Alleged FBI Database Breach Exposes Agents and InfraGard

4 min read - Recently the feds suffered a big hack, not once, but twice. First, the FBI-run InfraGard program suffered a breach. InfraGard aims to strengthen partnerships with the private sector to share information about cyber and physical threats. That organization experienced a…

News November 2, 2022

UK Health System Email Accounts Hijacked to Steal Microsoft Logins

2 min read - Last summer, I noticed password reset notices in my email account that I didn’t send. I quickly realized that I was the victim of an account takeover. This happens when someone illegally gains access to your account, typically through compromised…

News November 10, 2021

Phishing-as-a-Service: Research Exposes BulletProofLink Gang

2 min read - It’s a growing trend among attackers to offer their products as a service, just as regular companies do. In September, Microsoft researchers found that the BulletProofLink phishing-as-a-service (PhaaS) enterprise was taking this to the next level. It comes with over…

Incident Response October 22, 2021

How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade

4 min read - The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to trust…

News June 21, 2021

New Buer Malware Loader Spread Through DHL Scam Email

2 min read - Digital attackers are using fake DHL shipping emails to trick recipients into opening a malicious Microsoft Office document. According to Proofpoint, the DHL scam email leads to an infection of ‘RustyBuer,’ a new variant of the Buer Loader malware family…

Data Protection May 21, 2021

Taking Time Off? What Your Out of Office Message Tells Attackers

3 min read - As more people are vaccinated and free to live a more normal life again, vacation plans, trip pictures and conference hashtags will flood social media sites. Phone calls and emails to colleagues will be met with out of office (OOO)…

Intelligence & Analytics April 20, 2021

‘Inbox Zero’ Your Threat Reports: How to Combat Security Alert Fatigue

3 min read - At best, a new cybersecurity alert should trigger immediate action. But we all know in practice that work is not always clear cut. A new alert can find itself as just the latest un-addressed number in the inbox. In an…

Identity & Access August 11, 2020

Questions to Ask When Conducting Single Sign-On Enrollment

5 min read - Instead of asking employees to input passwords every day, single sign-on (SSO) offers a simplified but secure authentication process. SSO authentication gives a user the option of choosing a single set of credentials to access multiple accounts and services. So,…

August 5, 2020

Users Beware: Spotting a Microsoft Renewal Scam

3 min read - A novel scam began when a user received an email impersonating a notification from Microsoft, Abnormal Security observed on Friday, July 17. The scam arrived after Microsoft had recently taken several steps to deter scammers. Security professionals should be aware of…

Advanced Threats July 16, 2020

New Research Exposes Iranian Threat Group Operations

7 min read - IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorus. In the past few weeks, ITG18 has been associated with targeting of …