27 Mar 2020

667% spike in email phishing attacks due to coronavirus fears

Amid the coronavirus pandemic, attackers are capitalizing on public fear and taking advantage of heightened emotions by targeting victims in email phishing attacks related to COVID-19. The number of email attacks related to COVID-19 has been increasing since January according to data collected by cybersecurity firm Barracuda Networks. However, the

Read More
20 Mar 2020

WHO Chief Impersonated in Phishing to Deliver HawkEye Malware

A new and continuing phishing campaign is posing as the Director-General of the World Health Organization (WHO) and is spreading malware known as HawkEye to victims’ devices. According to IBM X-Force Threat Intelligence researchers, the campaign started on Thursday, the same day it was discovered after the researchers found several

Read More
20 Mar 2020

Misconfigured Elasticsearch Instance Exposes More Than 5 Billion Records

An open Elasticsearch incident has reportedly exposed more than 5 billion records from 2012 to March 16, when the breach was discovered. The data in two of the collections is information on data breaches collected by a UK research firm over the course of the same time period. The data

Read More
11 Mar 2020

Phishers Use Fake HIV Test Results as Bait

Cybersecurity researchers have discovered a new phishing campaign that uses fake HIV test results to gather information from victims after clicking a malicious link, targeting insurance, healthcare and pharmaceutical companies around the world. Researchers at Proofpoint uncovered the campaign, stating that the cybercriminals were impersonating Vanderbilt University Medical Center and

Read More
09 Mar 2020

T-Mobile Suffers Another Breach as Staff Emails Targeted

The phone carrier T-Mobile recently suffered a malicious cybersecurity attack that allowed the attacker access to T-Mobile customer account information. This is not the first time that T-Mobile has been the subject of such an attack; in 2018, 2 million customers had their information illegally accessed. T-Mobile is in the

Read More
05 Mar 2020

Microsoft OneNote Used To Sidestep Phishing Detection

A phishing campaign was recently discovered by researchers at Cofense, who stated that Microsoft’s digital notebook OneNote was used to distribute the Agent Tesla keylogger. The attacker leveraged OneNote by experimenting with various lures that deliver the credential-stealing keylogger Agent Tesla or linked to a phishing page, starting with an

Read More
17 Feb 2020

Targeted Phishing Attack Aims For Well-Known Corporate Brands

MalwareHunterTeam has uncovered yet another new phishing campaign, this one targeting well-known brands such as Glad and Hasbro. The international companies were attacked using SLK attachments and has targeted a total of thirteen high profile companies to date. SLK attachments can allow the attacker to gain access to corporate networks.

Read More
12 Feb 2020

Amex, Chase Fraud Protection Emails Used as Clever Phishing Lure

A phishing campaign discovered by the MalwareHunterTeam was publicized on Tuesday. The campaign consists of sophisticated emails that pretend to be fraud protection messages coming from American Express and Chase Bank. The emails ask the recipient to confirm if the listed transactions are legitimate. Customers of these banks should be

Read More
07 Feb 2020

Iranian Hackers Target Journalists in New Phishing Campaign

A threat group in Iran known as “Charming Kitten” has launched a new campaign that aims to steal email account credentials. The campaign is a phishing attack discovered by Certfa Labs that targets journalists and human rights activists. The group is also widely known as APT35 and is notorious for

Read More
15 Jan 2020

U.N. Weathers Storm of Emotet-TrickBot Malware

Emotet malware operators have recently targeted the United Nations personnel in an attack that aimed to deliver the TrickBot trojan malware. Researchers at Confense stated that a phishing campaign fraudulently representing the Permanent Mission of Norway has taken place over the last several days. The emails were sent to 600

Read More