A large phishing campaign has captured 400,000 Office 365 credentials by using compromised commercial email marketing services to avoid spam filters. The Compact Phishing operation has been using compromised accounts with services including SendGrid, MailGun and Amazon SES. Commercial email marketeers work hard to ensure their email systems have a high reputation, so their emailsRead more
Blog
A report published by Barracuda Networks and researchers at UC Berkley which examines email compromise attacks at 111 organisations sheds light on how email is abused in cyber-attacks – often as the opening shot in the attack. The research reveals that 30% of the attacks were part of the emerging economy of ‘accounts for sale’Read more
After analysing dozens of ransomware incidents over the last 4 years, researchers have identified their defining common characteristics – which can help security managers design targeted defences. Mandiant Intelligence have published a report that reveals the common attributes of ransomware incidents from around the world and across the industrial spectrum. The key findings are:Read more
A new report from Amnesty International highlights how reverse proxies are being used to bypass 2FA and phish the credentials of journalists and human rights defenders. Amnesty has been tracking the way journalists and human rights defenders in Uzbekistan are being targeted in sophisticated phishing attacks that include man in the middle and session high-jackingRead more
The release of the final Star Wars movie this month has been accompanied by a surge in fake download sites offering early or free access to the film while really depositing malware onto fans computers. For organisations that allow employees to take laptops home for the holidays, this may pose an additional risk if theRead more
A novel attack vector has been seen in the wild: using OAuth permissions to compromise Office365 Accounts Reported by anti-phishing security firm PhishLabs, the new attack leverages the persistent permissions of OAuth authentication to get access to the target Office365 accounts without ever compromising the login credentials. The attack starts with a phishing email whichRead more
Publishing giant Nikkei has reported they have lost $29million in an email fraud. In a press release they said: In late September 2019, an employee of Nikkei America, Inc. (New York City, United States) (“Nikkei America”), a subsidiary of Nikkei Inc. (“Nikkei”), had transferred approximately 29 million United States dollars (approximately 3.2 billion Japanese Yen)Read more
McAfee reports that a trio of malware kits are being actively used to target Office365 users. The phishing emails contain a clip of audio pretending to be from a voicemail intended for the recipient. A short clip of the audio can be played within the email which contains an urgent sounding ‘um hello?…’ The user isRead more
The UK National Cyber Security Centre published an advisory this week regarding the ongoing and increasing risk of DNS hijacking. DNS is the system that converts domain names to IP addresses allowing the world wide web to function. Its architecture is designed to be distributed in order to be resilient and stable. This distributed andRead more
Kaspersky has recently published information on what their security products are observing in their clients systems – and the dramatic rise of MS Office as a malware target. In 2016 MS Office was the target of 16% of attacks, behind Android at 19% and web browsers who were the dominant target with 45% of allRead more
