Webroot

JANUARY 26, 2022

In fact, phishing attacks spiked by 510% from just January – February 2020, according to the 2021 Threat Report. Overall, 76% of executives report that phishing is still up compared to before the pandemic. That’s because cybercriminals have found success by targeting COVID-19 fears with their schemes. Who’s getting attacked?

Phishing 128

Phishing DNS Backups Security Awareness 128

eSecurity Planet

MAY 2, 2024

The vendor reports show that most attackers want credentials, most malware development is in credential-stealing software, and the market for stolen credentials is booming: Cisco: Found 54% of organizations experienced a cybersecurity incident; and of those incidents, 54% involved phishing and 37% involved credentials stuffing.

Cybersecurity 123

Cybersecurity DDOS Penetration Testing Passwords 123

Security Boulevard

SEPTEMBER 4, 2024

Threat Intelligence Report Date: September 4, 2024 Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS Malware, short for malicious software, refers to any software designed to harm, exploit or otherwise compromise the functionality and security of computers, networks and devices.

Malware 59

Malware Spyware Software Encryption 59

Security Boulevard

AUGUST 19, 2024

By inputting an IP or domain name into the Steam user account, the malware can fetch that particular user's details and receive a destination for C2, or exfiltration. We came across a threat actor that went further to hide their C2 domains by using a simple form of encryption known as a “Substitution Cipher.” Pivot from tenntysjuxmz[.]shop

Malware 64

Malware Encryption DNS Accountability 64

Security Boulevard

AUGUST 12, 2024

Threat Intelligence Report Date: August 12, 2024 Prepared by: David Brunsdon, Threat Intelligence - Security Engineer, HYAS Threat Actors Exploiting Legitimate Services to Disguise Traffic Recently, the HYAS Threat Intelligence team has noticed an increase in malware communicating with subdomains under the ply.gg

DNS 64

DNS Malware Accountability Network Security 64

Security Boulevard

APRIL 19, 2023

Browser extension-based malware can range from annoying to catastrophic, but following these tips will help keep your home network safe. Malicious extensions must also communicate with their command and control in order to download additional malware or to receive instructions to reactivate after a period of dormancy.

DNS 72

DNS Banking Malware Password Management 72

Security Boulevard

MARCH 14, 2025

LLMs can help attackers avoid signature based detection Traditionally, C2 traffic might be disguised as normal web traffic, DNS queries, or go through known platforms like Slack or Telegram. The malware can ask the AI for instructions in natural language, effectively turning the AI into an unwitting proxy for the attacker.

Malware 64

Malware Engineering Encryption DNS 64

SecureList

APRIL 27, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. This campaign made use of a previously unknown malware family we dubbed FourteenHi.

Malware 145

Malware Government Spyware Social Engineering 145

Security Boulevard

AUGUST 28, 2024

Download: How to Stop Phishing Attacks with Protective DNS Suspicious Domains Identified In our investigation, we have identified a series of suspicious domains, all registered through domain.com and using the same nameservers: ns1.dotster.com Want more threat intel on a weekly basis? dotster.com and ns2.dotster.com. dotster.com.

Phishing 64

Phishing DNS Malware Accountability 64