December 10, 2019 Malicious Office 365 App Leveraged by Phishing Campaign to Access Victims’ Accounts 2 min read - A phishing campaign is using a malicious Microsoft Office 365 app to access victims' accounts without stealing their credentials.
October 15, 2019 New Corporate Phishing Attacks Mimic Performance Appraisal Processes to Steal Credentials 2 min read - New corporate phishing attacks are mimicking the performance appraisal processes at targeted companies to steal employees' business account credentials.
October 7, 2019 Attackers Exploit Certified Emails to Target Italians With sLoad Malware 2 min read - Threat actors are using certified emails to target Italian users with samples of the sLoad malware family.
September 17, 2019 Emotet Ends Four-Month Hiatus With Malspam Campaign Targeting Polish-, German-Speaking Users < 1 min read - The actors behind the Emotet botnet ended a four-month hiatus by launching a malspam campaign targeting Polish- and German-speaking users.
Risk Management June 13, 2019 Why Every Employee in Your Organization Should Learn Social Engineering Vocabulary 5 min read - When it comes to social engineering training, make sure every employee learns the names of specific attacks.
June 11, 2019 Extortion Scam Threatens Website Owners With Reputational Damage 1 min read - A new extortion scam uses the threat of reputational damage to persuade website owners to pay a ransom fee.
April 2, 2019 Unnam3d Ransomware Moves Files Into Protected RAR Archives, Demands Amazon Gift Card 2 min read - Security researchers discovered a new ransomware family called Unnam3d that moves targeted files into protected RAR archives and demands an Amazon gift card as ransom.
January 15, 2019 BBC Email Scam Spoofs Broadcaster’s Site to Generate Bitcoin 2 min read - Researchers identified a new email scam using seemingly legitimate BBC News webpages to reroute user clicks and generate bitcoin.
January 9, 2019 Phishing Kit Uses Custom Web Font to Impersonate Major US Bank < 1 min read - A new phishing kit uses a custom web font to implement a substitution cipher in its campaign to target customers of a major U.S. bank.
December 7, 2018 Sednit Threat Group Adds Delphi Dropper and Mail Downloader to Zebrocy Toolset 2 min read - Security researchers observed the Sednit threat group distributing Zebrocy malware using a Delphi dropper and mail downloader.