A recently discovered cybercrime gang, tracked as Epic Manchego, is using a new technique to create weaponized Excel files that are able to bypass security checks Security experts from NVISO Labs recently spotted the activity of a new malware gang, tracked as Epic Manchego, that is actively targeting companies across the world with phishing emails since […]
Experts spotted a phishing campaign that employees overlay screens and email âquarantineâ policies to steal Microsoft Outlook credentials from the victims. Researchers from Cofense discovered a phishing campaign that uses overlay screens and email âquarantineâ policies to steal Microsoft Outlook credentials from the targets. The overlay screens are displayed on top of legitimate webpages to […]
A bug in Google Drive could be exploited by threat actors to distribute malicious files disguised as legitimate documents or images. An unpatched weakness in Google Drive could be exploited by threat actors to distribute weaponized files disguised as legitimate documents or images. enabling bad actors to perform spear-phishing attacks comparatively with a high success […]
The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-InformĂĄtica. This feed is based on automatic searches and also has a strong contribution […]
Researchers detailed a new evasive phishing technique that leverages modified favicons to inject e-skimmers and steal payment card data covertly. Researchers from cybersecurity firm Malwarebytes have analyzed a new evasive phishing technique used by attackers in the wild in Magecart attacks. The hackers targeted visitors of several sites using typo-squatted domain names, and modified favicons […]
A vulnerability affecting the Zoom feature dubbed Vanity URL could have been exploited by hackers for phishing attacks. A vulnerability affecting the Zoom feature dubbed Vanity URLs could have been exploited by hackers for phishing attacks. The popularity of the Zoom video conferencing service exploded during the COVID-19 outbreak when it was chosen by organizations, schools, […]
Experts are warning of a new phishing campaign aimed at Office 365 users that are returning to the workplace with Coronavirus training resources. Threat actors continue to use Coronavirus lures adapting their technique to the current situation. The attack techniques adopted by the threat actors depends on the state of businesses in each region. In […]
Threat actors continue to use COVID-19 lures, Google is reporting an increase in Coronavirus-themed phishing attempts in Brazil, India, and the UK. While Coronavirus spreads on a global scale, threat actors continues to use COVID-19 lures, in April Google announced that the Gmail malware scanners have blocked around 18 million phishing and malware emails using […]
Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE) against COVID-19. Hackers are targeting executives of a German multinational corporation involved in the government supply of personal protective equipment (PPE). Threat actors are targeting executives of a German multinational corporation part of a government-private sector task force that […]
Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan. Lokibot was already employed in Coronavirus-themed campaigns, early of April, security experts at FortiGuard Labs discovered phishing attacks using alleged messages from the World Health Organization […]