July 17, 2019 SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla < 1 min read - Researchers observed a threat actor known as SWEED using typosquatting and UAC bypassing techniques to distribute Agent Tesla and other malware.
July 15, 2019 Digital Attackers Now Using 16Shop Phishing Kit to Target Amazon Users < 1 min read - Digital attackers are now abusing the 16Shop phishing kit to target Amazon users for the purpose of stealing access to their accounts.
July 15, 2019 Weekly Security News Roundup: Zero-Day Vulnerability Exploited in Buhtrap Attack Campaign 3 min read - Last week, security researchers identified a zero-day vulnerability that was instrumental in a targeted attack against companies in Eastern Europe.
CISO July 12, 2019 Why Security Incidents Often Go Underreported 4 min read - If you saw a coworker browsing through a database they weren't supposed to have access to, would you report it? New research suggests that employees often underreport such security incidents.
July 10, 2019 Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques 2 min read - An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.
July 9, 2019 TA505 Delivers New Gelup Malware Tool, FlowerPippi Backdoor Via Spam Campaign 2 min read - Researchers observed the TA505 threat group using spam campaigns to deliver two new payloads: the Gelup malware tool and the FlowerPippi backdoor.
July 2, 2019 Phishing Attacks Incorporate QR Codes to Help Evade URL Analysis 2 min read - Security researchers noticed fraudsters incorporating QR codes into various phishing attack campaigns as a way to evade URL analysis.
June 27, 2019 Sodinokibi Ransomware Adds Malvertising and More Exploit Kits to Distribution Methods 2 min read - Sodinokibi ransomware affiliates have added malvertising campaigns to the growing list of attack vectors used to infect victims, according to reports.
Risk Management June 21, 2019 4 Social Engineering Threats to Keep an Eye on — and How to Stop Them 4 min read - Threat intelligence reveals that highly targeted social engineering attacks are growing. Here's what you need to know to defend your organization.
Endpoint June 19, 2019 IoT Security and the Enterprise: A Practical Primer 5 min read - IoT security is now a hot topic, but beyond the hype and hyperbole, how can enterprises effectively secure connected networks and safeguard IoT devices?