October 3, 2019 Silent Starling Group Stages Vendor Email Compromise Attacks 2 min read - The Silent Starling cybercriminal group is using an attack known as vendor email compromise to target unsuspecting customers.
September 16, 2019 Astaroth Trojan Uses Facebook and YouTube Profiles to Support Infection Chain 2 min read - The Astaroth Trojan used Facebook and YouTube profiles to support its infection chain in a new phishing campaign targeting Brazilian users.
August 14, 2019 Phishing Campaign Distributes Fake Microsoft Account Notifications 2 min read - Attackers are disseminating fake Microsoft account notifications alerting users to supposed "unusual sign-in activity" in a ploy to steal credentials.
August 12, 2019 Phishing Campaign Uses DocuSign Branding, S3-Hosted Landing Page to Target Office Credentials < 1 min read - Researchers observed a new phishing campaign that used DocuSign branding and a landing page hosted on Amazon public cloud storage (S3) to steal users' Microsoft Office credentials.
July 9, 2019 TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign 2 min read - Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.
June 4, 2019 Phishing Scam Leverages Fake List of Undelivered Emails to Trick Users Into Clicking < 1 min read - Researchers discovered a phishing scam that leverages a fake list of undelivered emails to trick users into clicking and offering up their login credentials.
Endpoint May 20, 2019 How to Fight Back Against Macro Malware 6 min read - Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
Data Protection May 13, 2019 How a Quirky Gmail Feature Led to a Phishing Scare and a Valuable Lesson in Email Security 3 min read - What began as a moment of panic in the wake of what I thought was a phishing attempt ended up being a valuable lesson about a quirky Gmail feature and how it impacts the email security landscape.
April 17, 2019 Spear Phishing Report Card: Perfect Scores in School Security Pen Testing 2 min read - According to a new U.K.-based study, 100 percent of test spear phishing attacks gained access to sensitive university data in less than two hours.
April 9, 2019 Web Servers Used to Host 10 Malware Families Distributed via Phishing Emails 2 min read - Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.