Qakbot: The trojan that just won’t go away

Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to this day. The neverending adaptability of this threat is key to its long-term survival and success. “Qakbot operators tend to reduce or stop their spamming attacks for long periods of time on a seasonal basis, returning […]

Continue Reading

Cybercriminals use legitimate websites to obfuscate malicious payloads

According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter security. “The evolution of phishing emails continues to pose a major threat to organizations, emphasizing the need to enhance defenses to prevent attacks,” said Jack Chapman, VP of Threat Intelligence, Egress. “Although traditional signature-based detection can filter […]

Continue Reading

Shut Down Phishing Attacks – Types, Methods, Detection, Prevention Checklist

In today’s interconnected world, where digital communication and transactions dominate, phishing attacks have become an ever-present threat. By masquerading as trustworthy entities, phishing attacks deceive users and organizations into divulging sensitive information, such as passwords, financial data, and personal details. Phishing attacks, among the most prevalent techniques cyber criminals employ, can be straightforward yet highly […]

Continue Reading

How APTs target SMBs

Small and medium businesses (SMBs) are not exempt from being targeted by advanced persistent threat (APT) actors, according to Proofpoint researchers. By analyzing a year’s worth of APT campaign data they collected from the 200,000+ SMBs that have their security solution deployed, they pinpointed three main trends of attacks targeting SMBs in the space of […]

Continue Reading

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and .rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials. RPMSG files are used to deliver e-mails with Rights-Managed Email Object Protocol enabled. […]

Continue Reading

Company size doesn’t matter when it comes to cyberattacks

65% of organizations in the enterprise sector suffered a cyberattack within the last 12 months, which is similar to the results among companies of all sizes (68%), according to Netwrix. Larger organizations are a more frequent target for cyberattacks The most common security incidents are also the same: phishing, ransomware and user account compromise. However, […]

Continue Reading