2020, Phishing and Security Intelligence

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

Security Affairs

NOVEMBER 18, 2020

Microsoft is tracking an ongoing Office 365 phishing campaign aimed at enterprises that is able to detect sandbox solutions and evade detection. Microsoft is tracking an ongoing Office 365 phishing campaign that is targeting enterprises, the attacks are able to detect sandbox solutions and evade detection.

Phishing

Phishing Social Engineering Passwords Security Intelligence

North Korea-linked APT Emerald Sleet is using a new tactic

Security Affairs

FEBRUARY 12, 2025

The group works under the control of the Reconnaissance General Bureau (RGB) foreign intelligence service. At the end of October 2020, the US-CERT published a report on Kimuskys recent activities that provided information on their TTPs and infrastructure. LNK shortcut files, disguised as Office documents.

Phishing

Phishing Malware Security Intelligence Hacking

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. By September 2020, the average ransom payment peaked at $233,817. “In

Threat Reports

Threat Reports Phishing Ransomware Backups

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware

Malware Phishing Security Intelligence Hacking

Crooks continues to use COVID-19 lures, Microsoft warns

Security Affairs

MAY 13, 2020

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan.

Phishing

Phishing Advertising Security Intelligence Banking

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware

Malware Security Intelligence Banking Phishing

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails.

Security Intelligence

Security Intelligence Advertising Phishing Malware

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

The alert published by CISA was based on data provided by the Multi-State Information Sharing & Analysis Center (MS-ISAC) and the CISA itself since July 2020. “Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails.

Government

Government Banking Advertising Malware

RevengeRAT and AysncRAT target aerospace and travel sectors

SC Magazine

MAY 14, 2021

American Airlines flight 718, a Boeing 737 Max, is seen parked at its gate at Miami International Airport as passengers board for a flight to New York on December 29, 2020 in Miami, Florida. Grimes said security awareness training should teach users to beware of emails with the following traits: Emails that arrive unexpectedly.

Phishing

Phishing Scams Security Awareness Security Intelligence

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020. Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020.

Cryptocurrency

Cryptocurrency Antivirus Government Manufacturing

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test.

Malware

Malware Advertising Security Intelligence Phishing

Microsoft warns of a large-scale BEC campaign to make gift card scam

Security Affairs

MAY 8, 2021

Business email compromise (BEC) attacks represent a serious threat for organizations worldwide, according to the annual report released by FBI’s Internet Crime Complaint Center , the 2020 Internet Crime Report , in 2020, the IC3 received 19,369 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints.

Scams

Scams Manufacturing Security Intelligence Internet

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

2020 may have been the year of establishing remote connectivity and addressing the cybersecurity skills gap, but 2021 presented security experts, government officials and businesses with a series of unpresented challenges.

Cybercrime

Cybercrime Ransomware Phishing Cryptocurrency

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. Over the past decade, cyber security solutions have evolved into specific categories of solutions.

CISO

CISO Cyber Attacks Data collection Cybersecurity

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking

Hacking Security Intelligence Advertising Accountability

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

Remote Work is Here to Stay, and Other Cybersecurity Predictions for 2021

Webroot

DECEMBER 14, 2020

Read on for more details from leading engineers, security analysts and product specialists from around our organization for complete cybersecurity predictions for 2021. Take heart because, whatever happens, 2020 won’t be easily outdone (knock on wood). Grayson Milbourne, security intelligence director, Carbonite + Webroot.

Cybersecurity

Cybersecurity Engineering Phishing Social Engineering

CSC Research Finds Third Parties Continue to Lay Groundwork for Malicious Activity Among Thousands of COVID-Related Domains

CyberSecurity Insiders

JANUARY 25, 2022

.–( BUSINESS WIRE )– CSC , a world leader in business, legal, tax, and domain security, today announced key findings from its new report, which found that nearly 500,000 web domains were registered since January 2020 containing key COVID-related terms. At CSC, we believe domain security intelligence is power.

Artificial Intelligence

Artificial Intelligence Phishing Technology DNS

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

That could be through common hacking techniques like phishing, bait and switch, cookie theft, deep fake , password cracking , social engineering , and so on. Security intelligence comes with a high pay off. Hackers are creative, adaptive, resourceful, and business-like.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

Cyber Security Informer

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

North Korea-linked APT Emerald Sleet is using a new tactic

Trending Sources

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Crooks continues to use COVID-19 lures, Microsoft warns

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Microsoft warns of “massive campaign” using COVID-19 themed emails

CISA alert warns of Emotet attacks on US govt entities

RevengeRAT and AysncRAT target aerospace and travel sectors

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Trickbot is the most prolific malware operation using COVID-19 themed lures

Microsoft warns of a large-scale BEC campaign to make gift card scam

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

Iran-linked Phosphorous APT hacked emails of security conference attendees

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

Remote Work is Here to Stay, and Other Cybersecurity Predictions for 2021

CSC Research Finds Third Parties Continue to Lay Groundwork for Malicious Activity Among Thousands of COVID-Related Domains

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Stay Connected