Phishing and Security Intelligence - Cyber Security Informer

How To Fight Phishing With Security Intelligence

SecureBlitz

DECEMBER 15, 2021

This post will show you how to fight phishing with security intelligence. Phishing is one of the most frequent cyberattacks that trick users into revealing their personal information to an unreliable source – the hacker.

Security Intelligence

Security Intelligence Phishing Authentication Cybersecurity

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

Security Affairs

NOVEMBER 18, 2020

Microsoft is tracking an ongoing Office 365 phishing campaign aimed at enterprises that is able to detect sandbox solutions and evade detection. Microsoft is tracking an ongoing Office 365 phishing campaign that is targeting enterprises, the attacks are able to detect sandbox solutions and evade detection.

Phishing

Phishing Social Engineering Passwords Security Intelligence

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

The Last Watchdog

MAY 1, 2019

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component.

Social Engineering

Social Engineering Engineering Phishing Banking

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

Threat actors are increasingly using the HTML smuggling technique in phishing campaigns, Microsoft researchers warn. Microsoft experts warn that threat actors are increasingly using the HTML smuggling technique in phishing campaigns to stealthily deliver threats. — Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021.

Phishing

Phishing Banking Passwords Malware

Phishing campaign leverages Google Translate as camouflage

Security Affairs

FEBRUARY 8, 2019

Crooks leverage Google Translate service as camouflage on mobile browsers in a phishing campaign aimed at stealing Google account and Facebook credentials. The phishing campaign targets both Google and Facebook accounts, the use of Google Translate allows the attackers to make the phishing page as a legitimate form from a Google domain.

Phishing

Phishing Mobile Security Intelligence Advertising

North Korea-linked APT Emerald Sleet is using a new tactic

Security Affairs

FEBRUARY 12, 2025

The threat actor impersonates a South Korean government official to build trust with the target before sending a spear-phishing email with a bait PDF attachment. The IT giant recommends training users about phishing and employing attack surface reduction rules. LNK shortcut files, disguised as Office documents.

Phishing

Phishing Malware Security Intelligence Hacking

Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Penetration Testing

SEPTEMBER 6, 2024

AhnLab Security Intelligence Center (ASEC) has uncovered a new phishing campaign targeting Netflix users, where cybercriminals are impersonating the popular streaming service to steal sensitive information.

Scams

Scams Phishing Security Intelligence Cybersecurity

Phishing remained the top identity abuser in 2022: IDSA report

CSO Magazine

MAY 31, 2023

Phishing was the most common type of identity-related incident in 2022, according to a study by Identity Defined Security Alliance (IDSA), a non-profit, identity and security intelligence firm.

Phishing

Phishing Security Intelligence

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. More details + TTPs in this MSTIC blog: [link] — Microsoft Security Intelligence (@MsftSecIntel) August 15, 2022. Pierluigi Paganini.

Phishing

Phishing Accountability Hacking Surveillance

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

Webroot

APRIL 21, 2021

Although cybercriminal activity throughout 2020 was as innovative as ever, some of the most noteworthy threat activity we saw came from the old familiar players, namely ransomware, business email compromise (BEC) and phishing. COVID-19 definitely affected phishing in very visible ways. phishing URLs targeting Netflix jumped 646%.

Threat Reports

Threat Reports Phishing Ransomware Backups

How to Stop Phishing Attacks in Their Tracks

SiteLock

AUGUST 27, 2021

However, research indicates that phishing attacks are the most common threat — by far. Microsoft’s “ Security Intelligence Report, Volume 24 ” shows a 250% increase in the number of phishing emails and attacks since 2018. To avoid becoming a victim, it’s critical to prevent phishing attacks.

Phishing

Phishing Passwords Education Password Management

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Penetration Testing

JANUARY 13, 2025

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have unveiled a sophisticated distribution tactic for the LummaC2 malware. The post LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing appeared first on Cybersecurity News.

Phishing

Phishing Malware Security Intelligence Cybersecurity

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Security Affairs

FEBRUARY 8, 2025

Researchers spotted North Korea’s Kimsuky APT group launching spear-phishing attacks to deliver forceCopy info-stealer malware. Researchers from AhnLab Security Intelligence Center (ASEC) observed North Korea’s Kimsuky APT group conducting spear-phishing attacks to deliver forceCopy info-stealer malware.

Malware

Malware Phishing Security Intelligence Hacking

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

The Hacker News

SEPTEMBER 17, 2021

A targeted phishing campaign aimed at the aviation industry for two years may be spearheaded by a threat actor operating out of Nigeria, highlighting how attackers can carry out small-scale cyber offensives for extended periods of time while staying under the radar.

Malware

Malware Security Intelligence Phishing

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

The Hacker News

FEBRUARY 6, 2025

The North Korea-linked nation-state hacking group known as Kimsuky has been observed conducting spear-phishing attacks to deliver an information stealer malware named forceCopy, according to new findings from the AhnLab Security Intelligence Center (ASEC).

Malware

Malware Phishing Security Intelligence Hacking

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

National Cyber Security Centre (NCSC) warns of a surge in the number of attacks from Russian and Iranian nation-state actors. National Cyber Security Centre (NCSC) is warning of targeted phishing attacks conducted by threat actors based in Russia and Iran. The are increasingly targeting organizations and individuals.

Phishing

Phishing Media Hacking Education

Microsoft warns of phishy OAuth apps

Malwarebytes

JANUARY 26, 2022

This is only the beginning of a potentially very nasty scaling of the security ladders. Any phish is bad, but here we have the scammers driving their way into the network and grabbing as many permissions as they can manage. According to Microsoft Security Intelligence, the campaign has “targeted hundreds of organisations”.

Phishing

Phishing Security Intelligence Scams Passwords

Crooks continues to use COVID-19 lures, Microsoft warns

Security Affairs

MAY 13, 2020

Microsoft discovered a new phishing campaign using COVID-19 lures to target businesses with the infamous LokiBot information-stealer. Microsoft has discovered a new COVID-19 themed phishing campaign targeting businesses with the LokiBot Trojan.

Phishing

Phishing Advertising Banking Security Intelligence

Organizations in aerospace and travel sectors under attack, Microsoft warns

Security Affairs

MAY 13, 2021

Threat actors conducted a spear-phishing campaign using messages that were specifically designed to be of interest to the targeted organizations. pic.twitter.com/aeMfUUoVvf — Microsoft Security Intelligence (@MsftSecIntel) May 11, 2021. “Microsoft 365 Defender detects the multiple components of this attack.

Security Intelligence

Security Intelligence Phishing Malware Hacking

A week in security (August 9 – August 15)

Malwarebytes

AUGUST 16, 2021

Synology NAS devices are under attack from StealthWorker PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday Thief pulls off colossal, $600m crypto-robbery…and gives the money back If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam Twitter says it out loud: removing anonymity will not stop online abuse Microsoft’s (..)

Social Engineering

Social Engineering Scams VPN Phishing

Beware of “How to Fix” Button: New Phishing Emails Trick Users into Executing Malicious Commands

Penetration Testing

JUNE 5, 2024

AhnLab SEcurity Intelligence Center (ASEC) has recently identified a phishing campaign leveraging HTML files distributed via email to execute malicious commands on targeted systems.

Phishing

Phishing Security Intelligence Cybersecurity Malware

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

An ongoing phishing campaign launched by TA505 is using attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors.

Malware

Malware Security Intelligence Banking Phishing

RevengeRAT and AysncRAT target aerospace and travel sectors

SC Magazine

MAY 14, 2021

Microsoft Security Intelligence earlier this week tweeted out that it has been tracking a campaign of remote access trojans (RATs) targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT. Photo by Joe Raedle/Getty Images).

Phishing

Phishing Scams Security Awareness Security Intelligence

Microsoft warns of “massive campaign” using COVID-19 themed emails

Security Affairs

MAY 22, 2020

Experts from the Microsoft Security Intelligence team provided some details on a new “massive campaign” using COVID-19 themed emails. Researchers from the Microsoft Security Intelligence team provided some details on a new massive phishing campaign using COVID-19 themed emails.

Security Intelligence

Security Intelligence Advertising Phishing Malware

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

Threatpost

AUGUST 13, 2018

Mike Murray, vice president of security intelligence at Lookout, discusses how mobile is redefining phishing, taking it out of the traditional inbox and into SMS and Facebook messages.

Mobile

Mobile Phishing Security Intelligence Government

A week in security (June 28 – June 4)

Malwarebytes

JULY 5, 2021

Researchers explore the insecure world of the subdomain (Source: Can i take your subdomain) Cyber insurance model is broken, consider banning ransomware payments (Source: The Register) How facial recognition solutions can safeguard the hybrid workplace (Source: Help Net Security) Capital One hacker faces fresh charges for 2019 hacking spree (Source: (..)

Cyber Insurance

Cyber Insurance Social Engineering Scams Insurance

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign targeting, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.

Malware

Malware Phishing DNS Cybercrime

French Firms Rocked by Kasbah Hacker?

Krebs on Security

MARCH 2, 2020

An individual thought to be involved has earned accolades from the likes of Apple , Dell , and Microsoft for helping to find and fix security vulnerabilities in their products. In 2018, security intelligence firm HYAS discovered a malware network communicating with systems inside of a French national power company.

DNS

DNS Penetration Testing Malware Hacking

Trickbot is the most prolific malware operation using COVID-19 themed lures

Security Affairs

APRIL 18, 2020

pic.twitter.com/V2JcZg2kjt — Microsoft Security Intelligence (@MsftSecIntel) April 17, 2020. This week’s campaign uses several hundreds of unique macro-laced document attachments in emails that pose as message from a non-profit offering free COVID-19 test.

Malware

Malware Advertising Security Intelligence Phishing

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

Threatpost

MAY 22, 2020

documents to spread the weaponized NetSupport RAT in a spear-phishing campaign. Attackers used malicious Excel 4.0

Phishing

Phishing Security Intelligence

Russia-linked Nobelium APT targets orgs in the global IT supply chain

Security Affairs

OCTOBER 25, 2021

Microsoft is sharing information about the latest activity observed from the threat actor NOBELIUM, which has been attempting to replicate the approach it has used in past attacks by targeting organizations integral to the global IT supply chain: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 25, 2021.

Telecommunications

Telecommunications Technology Hacking Malware

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

Webroot

JANUARY 7, 2022

“In 2022, the widespread growth of mobile access will increase the prevalence of mobile malware, given all of the behavior tracking capabilities,” says Grayson Milbourne, security intelligence director, Carbonite + Webroot, OpenText companies.

Cybercrime

Cybercrime Ransomware Phishing Cryptocurrency

CISA alert warns of Emotet attacks on US govt entities

Security Affairs

OCTOBER 6, 2020

“Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. ” reads that alert published by CISA.

Government

Government Banking Advertising Malware

Microsoft warns of a large-scale BEC campaign to make gift card scam

Security Affairs

MAY 8, 2021

link] pic.twitter.com/HTqYsUlCSn — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. To make the emails appear legitimate, the attackers used fake replies, an increasingly common technique in phishing emails. pic.twitter.com/oZaqAv3FYa — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021.

Scams

Scams Manufacturing Security Intelligence Internet

Hackers Are Now Targeting the Aviation Industry to Harvest Information, Microsoft Warns

Heimadal Security

MAY 13, 2021

The tech giant has warned that the aviation and travel industry is seeing a notable increase in RAT (Remote Access Trojan) cyberattack efforts through phishing emails. A thread of information was posted by the Microsoft Security Intelligence team on their official Twitter page.

Security Intelligence

Security Intelligence Phishing Malware Cybersecurity

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. New blog: The threat actor BISMUTH, which has been running increasingly complex targeted attacks, deployed coin miners in campaigns from July to August 2020.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Webroot managed detection and response (MDR) purpose-built for MSPs

Webroot

JUNE 2, 2022

MDR services offer threat detection and response capabilities by augmenting cybersecurity tools with human security intelligence. Leveraging this human security expertise, MDR integrates, synthesizes and contextualizes security and other event information to hunt for, understand and respond to security incidents.

Threat Detection

Threat Detection Cyber Insurance Small Business Insurance

Telegram-powered bots circumvent 2FA

Malwarebytes

SEPTEMBER 30, 2021

Yesterday, security intelligence firm, Intel 147, revealed it had noticed an uptick of activity in threat actors providing access to services in Telegram that circumvent two-factor authentication (2FA) methods. Two-factor authentication is a great way to protect your online accounts, and we always recommend you turn it on.

Social Engineering

Social Engineering Banking Authentication Passwords

DBatLoader: A Malware Distribution via CMD Files

Penetration Testing

JUNE 27, 2024

AhnLab Security Intelligence Center (ASEC) has issued a warning regarding the re-emergence of the DBatLoader malware, a notorious downloader known for its historical involvement in phishing campaigns.

Malware

Malware Security Intelligence Phishing Cybersecurity

A new Astaroth Trojan Campaign uncovered by Microsoft

Security Affairs

JULY 9, 2019

See how #MicrosoftDefenderATP next-gen protection defeated the #fileless attack: [link] — Microsoft Security Intelligence (@MsftSecIntel) July 8, 2019. ” The attack chain starts with spear-phishing messages containing a malicious link that leads the potential victims to an LNK file.

Antivirus

Antivirus Malware Advertising Security Intelligence

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

.” Microsoft Threat Intelligence Information Center (MSTIC) has uncovered activity by the threat actor PHOSPHOROUS, which has been masquerading as conference organizers and sending spoofed invitations by email to high-profile individuals. Get details here: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2020.

Hacking

Hacking Security Intelligence Advertising Accountability

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. Over the past decade, cyber security solutions have evolved into specific categories of solutions.

CISO

CISO Cyber Attacks Data collection Cybersecurity

The Future of Data Protection Begins at GITEX 2019

Thales Cloud Protection & Licensing

OCTOBER 3, 2019

Not all employees are familiar with phishing and other digital threats, for instance. DarkMatter confirmed as much in its Cyber Security Report: June 2019 when it found that approximately 90 percent of UAE-based enterprises exhibited outdated software, credential problems in the form of weak/exposed passwords and insecure protocols.

Telecommunications

Telecommunications Encryption Software Cyber Attacks

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

How To Fight Phishing With Security Intelligence

Office 365 phishing campaign uses redirector URLs and detects sandboxes to evade detection

Trending Sources

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

HTML Smuggling technique used in phishing and malspam campaigns

Phishing campaign leverages Google Translate as camouflage

North Korea-linked APT Emerald Sleet is using a new tactic

Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Phishing remained the top identity abuser in 2022: IDSA report

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Ransomware, BEC and Phishing Still Top Concerns, per 2021 Threat Report

How to Stop Phishing Attacks in Their Tracks

LummaC2 Infostealer Malware Spreads via Crack Programs and Phishing

Kimsuky APT group used custom RDP Wrapper version and forceCopy stealer

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Microsoft warns of phishy OAuth apps

Crooks continues to use COVID-19 lures, Microsoft warns

Organizations in aerospace and travel sectors under attack, Microsoft warns

A week in security (August 9 – August 15)

Beware of “How to Fix” Button: New Phishing Emails Trick Users into Executing Malicious Commands

Microsoft warns TA505 changed tactic in an ongoing malware campaign

RevengeRAT and AysncRAT target aerospace and travel sectors

Microsoft warns of “massive campaign” using COVID-19 themed emails

Black Hat Video Exclusive: Mobile APTs Redefining Phishing Attacks

A week in security (June 28 – June 4)

Threat actor has been targeting the aviation industry since at least 2018

French Firms Rocked by Kasbah Hacker?

Trickbot is the most prolific malware operation using COVID-19 themed lures

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

Russia-linked Nobelium APT targets orgs in the global IT supply chain

2022: The threat landscape is paved with faster and more complex attacks with no signs of stopping

CISA alert warns of Emotet attacks on US govt entities

Microsoft warns of a large-scale BEC campaign to make gift card scam

Hackers Are Now Targeting the Aviation Industry to Harvest Information, Microsoft Warns

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Webroot managed detection and response (MDR) purpose-built for MSPs

Telegram-powered bots circumvent 2FA

DBatLoader: A Malware Distribution via CMD Files

A new Astaroth Trojan Campaign uncovered by Microsoft

Iran-linked Phosphorous APT hacked emails of security conference attendees

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Future of Data Protection Begins at GITEX 2019

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

Stay Connected