Proofpoint

TA544 Threat Group Targets Over 2,000 Italian Organizations with Ursnif Malware

Proofpoint has observed nearly 20 notable campaigns distributing thousands of messages targeting Italian organizations this year, which equals 80% of the number of similar campaigns in 2020.

Researchers Uncover Email Fraud Campaigns Using Social Engineering Tactics to Steal Crypto Assets

Victims are tempted by the promise of a considerable amount of cryptocurrency. Cashing out the full balance requires them to deposit some Bitcoin to the platform, which is the point of the scheme.

As Delta Variant Spreads, COVID-19 Themes Make Resurgence In Email Threats

Proofpoint researchers observed an increase in COVID-19 related threats since late June 2021. They observed high-volume COVID-19 related campaigns from RustyBuer, Formbook, and Ave Maria malware.

New Threat Actor Uses Spanish Language Lures to Distribute Seldom Observed Bandook Malware

Proofpoint researchers identified?a new and highly active threat group, TA2721, also colloquially referred to as Caliente Bandits, targeting multiple industries from finance to entertainment.

Operation SpoofedScholars: A Conversation with TA453

TA453, an Iranian threat actor, impersonated British scholars to covertly target individuals of intelligence interest to the Iranian government in what Proofpoint has dubbed Operation SpoofedScholars.

Malware Masquerades as Privacy Tool

Proofpoint researchers found a new threat enticing users to download malware by masquerading as a “Privacy Tools” service offering a tool that “encrypts” user data using a zip-like utility.

Cobalt Strike: Favorite Tool from APT to Crimeware

Cobalt Strike is a legitimate penetration testing tool used by security professionals to emulate malicious activity in a network. However, threat actors are increasingly abusing the tool.

JSSLoader: Recoded and Reloaded | Proofpoint US

After a months-long absence, the malware loader JSSLoader returned in June 2021 cyberattack campaigns by TA543 threat actor, rewritten from the .NET programming language to C++.

98% of Organizations Received Email Threats from Suppliers: What You Should Know

Proofpoint’s recent research indicates that 98% of nearly 3,000 monitored organizations across the U.S., UK, and Australia, received a threat from a supplier domain over a 7-day window in February.
January 21, 2021

Attackers Perform BEC Target Selection Using Google Forms

This hybrid campaign combines the benefits of scale and legitimacy by leveraging Google Services with social engineering attacks, more commonly associated with BEC schemes.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags