For US$2,500, threat actors can employ Matanbuchus, a malware-as-a-service (MaaS) package found delivering Cobalt Strike beacons through phishing and spam messages. Cobalt Strike is a powerful security tool that threat actors are increasingly using as a reconnaissance and post-exploitation weapon. more
Conti ransomware surfaced as far back as 2020. Believed to have been created by Russia-based cybercriminal group Wizard Spider, it has been involved in a multitude of double extortion campaigns over the years. more
As technology advances, so does the world of espionage. That has given birth to several companies, such as Cytrox, that specialize in creating spyware. Predator, along with other applications of its kind, has been advertised as legal spyware-for-hire. more
Two cyber threats recently caught the attention of WhoisXML API researchers, primarily since parts of their infection chain hide behind legitimate services. This tactic is tricky for security teams because blocking the domains involved means blocking legitimate applications, too. more
Cyber attackers typically use newly registered domains (NRDs) in their campaigns to evade detection, particularly since the implementation of privacy protection in WHOIS records. But some also use aged domains like the SolarWinds hackers to render a sense of legitimacy to their pages. more
Phishing emails impersonating Maersk, one of the largest container shipping companies, targeted more than 18,000 people since the beginning of the year. The email address imitated the legitimate company’s email address but led to a phishing page designed to look like Maersk’s shipping portal login page. more
Premium Short Message Service (SMS) abuse is no longer new. But it's pretty rare for such threats to rack up hundreds of dollars in additional phone bill costs for every victim each year. more
Threat actors don't rest. Their malicious campaigns operate 24/7, especially when special occasions are approaching. Last May, we discovered over a thousand web properties related to Mother's Day, many of which either hosted questionable content or have been flagged as malicious. more
Threat actors have found a way to make phishing websites appear more legitimate by employing chatbots. The newly discovered tactic starts with an email about a delivery from DHL. more
In an earlier post, we looked at how cybersquatters took advantage of the popularity of seven car manufacturers to lure unwitting victims to fake sites. Since then, we were alerted to a phishing campaign this time targeting several German car dealers via age-old but still effective phishing. more