October 7, 2019

Attackers Exploit Certified Emails to Target Italians With sLoad Malware

2 min read - Threat actors are using certified emails to target Italian users with samples of the sLoad malware family.

October 3, 2019

Silent Starling Group Stages Vendor Email Compromise Attacks

2 min read - The Silent Starling cybercriminal group is using an attack known as vendor email compromise to target unsuspecting customers.

September 17, 2019

Emotet Ends Four-Month Hiatus With Malspam Campaign Targeting Polish-, German-Speaking Users

< 1 min read - The actors behind the Emotet botnet ended a four-month hiatus by launching a malspam campaign targeting Polish- and German-speaking users.

September 16, 2019

Astaroth Trojan Uses Facebook and YouTube Profiles to Support Infection Chain

2 min read - The Astaroth Trojan used Facebook and YouTube profiles to support its infection chain in a new phishing campaign targeting Brazilian users.

August 26, 2019

Weekly Security News Roundup: Evasive Attack Emails Target Utilities With Adwind

3 min read - Researchers spotted a phishing campaign that used evasion tactics to target utility organizations with Adwind. Learn what else happened last week in security news.

August 14, 2019

Phishing Campaign Distributes Fake Microsoft Account Notifications

2 min read - Attackers are disseminating fake Microsoft account notifications alerting users to supposed "unusual sign-in activity" in a ploy to steal credentials.

August 12, 2019

Phishing Campaign Uses DocuSign Branding, S3-Hosted Landing Page to Target Office Credentials

< 1 min read - Researchers observed a new phishing campaign that used DocuSign branding and a landing page hosted on Amazon public cloud storage (S3) to steal users' Microsoft Office credentials.

June 11, 2019

Extortion Scam Threatens Website Owners With Reputational Damage

1 min read - A new extortion scam uses the threat of reputational damage to persuade website owners to pay a ransom fee.

June 4, 2019

Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking

< 1 min read - Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.

April 3, 2019

New XLoader Variant Masquerades as Android Security Apps, iOS Configuration Profile

2 min read - Security researchers observed a new variant of XLoader masquerading as Android security apps and an iOS configuration profile to target mobile users.