Cofense

New Malware-as-a-Service Info-Stealer Malware Targets Oil and Gas Companies

An advanced phishing campaign targeting the Oil and Gas industry is distributing the Rhadamanthys Stealer, an uncommon and sophisticated Malware-as-a-Service information stealer.

Beware of Phishing Scams Disguised as Annual HR Tasks

Threat actors are increasingly using annual responsibilities like open enrollment, 401k updates, and salary adjustments as lures to steal employee credentials through phishing emails.

Are DarkGate and PikaBot the New QakBot?

Phishing campaigns are using tactics previously seen in attacks involving the QakBot trojan to deliver malware families such as DarkGate and PikaBot. These campaigns utilize hijacked email threads, unique URL patterns, and a similar infection chain.

Voice Phishing Campaigns Using Access Keys

The phishing attack starts with an HTML file disguised as a voice message, which leads to the download of a file hosted on a disguised AWS URL. The attackers initially impersonate Zoom but later switch to spoofing Outlook and Teams login pages.

LinkedIn Smart Links Fuel Credential Phishing Campaign

This recent phishing campaign targeted various industries, with the finance sector being the primary target, and highlights the importance of employee training to combat phishing attacks.

Phishers Spoof Power BI to Visualize Your Credential Data

The Cofense Phishing Defense Center (PDC) has observed a new phishing campaign that harvests Microsoft credentials by impersonating Power BI emails as its a trusted software.

Missed Voice Message: A New Phishing Tactic

The end users are notified about missed voice messages from a British Telecom landline. The link directs recipients to a website that isn’t in any way associated with BT or any other telecom service.

Phishing as a Ransomware Precursor

As ransomware continues to be delivered based on decisions and actions taken by human attackers, it becomes increasingly important to look upstream at the chain of events that lead to that decision.

IT Support Lures Users into Mimecast Phish

The Cofense Phishing Defense Center (PDC) intercepted a new phishing technique that uses information technology (IT) support-themed emails to get users to enter their old password.

Mobile Messaging Service Abused for Phishing

Vzwpix allows Verizon customers to send texts as emails to recipients instead of phone messages. Threat actors can utilize these services to mass deliver texts that do not show the name of the sender.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags