The OilRig threat group recently targeted government offices in the Middle East with a spear phishing attack that involved the Trojan malware BONDUPDATER.
Threat actors have taken a liking to IQY files, which are foreign to most users and appear benign to many spam filters.
A new downloader dubbed AdvisorsBot has been observed sending highly targeted malicious emails to telecommunications and hospitality companies.
Trickbot has formed a partnership with another banking Trojan, IcedID, to help distribute each other's malware more widely — and possibly co-develop new capabilities.
According to security researchers, a new modular remote access Trojan (RAT) is using several sophisticated techniques to fly under the radar of traditional detection solutions.
Australian businesses have been targeted in a phishing campaign that uses FTP links to deliver the DanaBot banking Trojan, which is designed to steal financial information and other private data.
Researchers uncovered a spam campaign that threatened to unleash the devastating WannaCry ransomware on unsuspecting victims who failed to pay a fee of roughly $650 by June 22, 2018.
Security leaders must implement phishing awareness programs to train employees to recognize business email compromise (BEC) attacks and other social engineering schemes that could compromise data.
In recent months, security researchers have identified Punycode attacks as part of malvertising and phishing campaigns targeting both individual users and major email providers.
A surge in the value of bitcoin has been accompanied by a rise in the risk of phishing attacks against the cryptocurrency ecosystem.