ZeroFox

December 13, 2023

New Underground Market Comes Online Just inTime for the Holidays

The OLVX marketplace operates on the clear web and has gained popularity in recent months. It offers various products and services, including phish kits, remote desktop connections, cPanel credentials, webshells, and stolen data.

Layoffs Fuel Uptick in Employment Scams

Layoffs across multiple industries throughout 2022 have coincided with increased efforts by threat actors to target job seekers; ZeroFox Intelligence identified a 30 percent increase in accounts impersonating organizations from Q3 to Q4 in 2022.

Threats from Retail Store-Based Intrusions

Threat actors are able to attack companies after having a physical presence on-site using card skimmers, unsecured PoS systems, unsecured Wi-Fi networks, USB drives, vulnerable IoT devices, social engineering, and insider threats.

Meet Kraken: A New Golang Botnet in Development

Since October 2021, ZeroFox Intelligence researchers have been tracking Kraken – a previously unknown botnet targeting Windows that is currently under active development.

Overview of the Pharmaceutical Industry Threat Landscape

The pharmaceutical industry endured a major shift in the threat landscape compared to the early stages of the pandemic from March 2020 to September 2021 as cybercriminals made it a prime target.

Understanding the Phishing Ecosystem: Using and Monetizing Victim Data

Victim data can quickly age out as, over time, the victim will realize they have fallen for a phishing attack and update their credentials, freeze financial accounts, or replace credit cards.

Phishing Kit Victim Workflow and Data Exflitration

Phishing designed to obtain credentials for retail brands or markets can contain very different stages compared to phishing designed to obtain online banking or credit card information from victims.

A Review of the Ransomware Landscape

The emergence of new, updated, and rebranded ransomware families highlights how ransomware operators shift from one RaaS to another due to improved capabilities and lucrative opportunities.

Raccoon Stealer Pivots Towards Self-Protection

Multiple updates have happened since the start of the quarter, most notable among them being the addition of new “crypters.” Other updates include support for stealing several cryptocurrency wallets.

Cyber Puppeteer Kits: The New Financial Services Security Threat

Cyber puppeteer kits are more personalized, interactive, and successful than traditional phishing kits. This makes them a threat to an organization’s employees, customers, critical assets, and more.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags