SecureTeam

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks

Articles, Information Assurance, Social Engineering / Ian Reynolds

A large-scale phishing attack was recently launched against employees at Twilio, a global cloud-based communications and infrastructure company. Phishing text messages were sent to employees, impersonating Twilio’s IT department, with the aim of harvesting employee credentials. These stolen credentials were used to access internal systems, resulting in a breach of confidentiality in which the data […]

Twilio Targeted in Latest ‘0ktapus’ Phishing Attacks Read More »

What is Zeppelin Ransomware?

Articles, Information Assurance / Ian Reynolds

Ransomware is the biggest cyber threat for UK organisations according to the National Cyber Security Centre (NCSC), with the number of different types of ransomware doubling this year already, from 5,400 in late 2021, to 10,666 after just six months of 2022. A report by Fortinet suggests this rise could be due to the development

What is Zeppelin Ransomware? Read More »

Amex and Snapchat used in Open Redirect Attacks

News, Vulnerabilities / Ian Reynolds

Google Workspace and Microsoft 365 users have been targeted in phishing attacks that have resulted in the attackers stealing credentials. The attackers exploited known flaws in Snapchat and American Express websites to trigger open redirects to specially crafted web pages, where the credential harvesting could then take place. Email security company Inky detected these attacks

Amex and Snapchat used in Open Redirect Attacks Read More »

LinkedIn the Top Phishing Brand in Q2 2022

Articles, Social Engineering / Ian Reynolds

Phishing is the most common cyber attack vector, and while email is well known for phishing, increasingly LinkedIn is being used as well. End-user phishing was the initial access point in 56% of cyber attacks that took place in 2021, according to a recent report. Phishing attacks rely on user interaction to trigger the initial access,

LinkedIn the Top Phishing Brand in Q2 2022 Read More »

Phishing Attacks That Can Bypass MFA

Articles, Information Assurance, Social Engineering / Ian Reynolds

A large-scale phishing attack campaign has emerged using adversary-in-the-middle (AiTM) to steal credentials and circumvent multi-factor authentication (MFA) needs. Microsoft have released a security blog post regarding the use of these phishing attacks and the impersonation of Microsoft Azure Active Directory (Azure AD) login pages. This campaign has reportedly targeted over 10,000 organisations in the

Phishing Attacks That Can Bypass MFA Read More »

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat

Articles, Information Assurance, Social Engineering / Ian Reynolds

First discovered in 2019, BRATA malware is contained in a malicious app which victims are tricked into installing on their phones. BRATA is a banking Trojan that gains access to your bank, withdraws your funds, and then wipes your phone with a factory reset to hide the evidence of its activities. BRATA stands for “Brazilian

How the Phone-Wiping Banking Trojan BRATA is Becoming a More Advanced Threat Read More »

HTML Phishing on the rise

News / Ian Reynolds

The popularity of phishing emails using HTML attachments started spiking in 2019, but have continued to be a significant issue in 2022. In just the first 4 months of this year, cybersecurity provider Kaspersky detected almost 2 million malicious emails using HTML attachments, making it one of the most popular forms of attachment used in

HTML Phishing on the rise Read More »

NHS Targeted in Phishing Campaign

News / Ian Reynolds

During March and April the NHS was embroiled in a phishing campaign – however the NHS was not the target – 139 compromised NHS email accounts were being used to send the phishing emails to external targets. Coming from legitimate NHS email addresses on NHS servers meant the emails would pass many validation checks and

NHS Targeted in Phishing Campaign Read More »

Malware spike linked to Ukraine invasion

News / Ian Reynolds

The Russian attack on Ukraine is a new kind of war, being fought in cyber space as much as it is on the city streets of Ukraine. Microsoft reports that Ukrainian networks were targeted with FoxBlade malware several hours before the start of the invasion on the 24th February. Said Brad Smith, President & Vice

Malware spike linked to Ukraine invasion Read More »

Monzo and Revolut customers targeted in phishing campaign

News / Ian Reynolds

Customers of Monzo and Revolut banks are being targeted in a phishing campaign which aims to steal their account credentials. The attack starts with a fake SMS that claims to be from the bank. At the start of 2022, 27% of UK adults had an account with one of the digital only challenger banks, and

Monzo and Revolut customers targeted in phishing campaign Read More »

phishing

What is Zeppelin Ransomware?

Amex and Snapchat used in Open Redirect Attacks

HTML Phishing on the rise

NHS Targeted in Phishing Campaign

Malware spike linked to Ukraine invasion

Monzo and Revolut customers targeted in phishing campaign

Our Address

Talk to us

Office Hours

Company Number

VAT Registration Number

Penetration Testing

Risk & Compliance Services

Quick Links

information. secured.

Head Office Address

Opening Hours

Stay in Touch