Tag: Phishing Emails

Danna Pelleg's childhood curiosity, early technology education and compulsion to fight the bad guys led her to a career as a fraud specialist and security operations team lead at IBM Trusteer.

Social engineering and security awareness training exercises can help business leaders uncover gaps in their incident response plans and identify poor security hygiene among employees.

Researchers have discovered evidence of a threat group named London Blue, a U.K.-based collective that focuses on CFOs at mortgage companies, accounting firms and some of the world's largest banks.

Security researchers identified a malspam campaign targeting Italian users with a variant of the sLoad downloader.

Bad actors recently launched a Thanksgiving-themed spam campaign that used obfuscation to deliver the Emotet banking Trojan.

The Sofacy group recently targeted several government organizations around the world with the new Cannon Trojan.

A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.

Researchers observed threat actors impersonating the Brazilian postal service in a malware campaign that combines legitimate Windows files such as WMI and CertUtil to steal banking data.

A PowerShell malware downloader known as sLoad uses geofencing, customized emails and device reconnaissance to identify high-value Trojan targets.

Researchers reported that threat actors are using web services such as Google Drive, SharePoint and Dropbox to host files containing malicious links as part of phishing campaigns.