New social engineering toolkit draws inspiration from previous web campaigns

We discovered a web social engineering toolkit that allows crooks to create fake update notification campaigns on both desktop and mobile in up to 30 different languages.

Read more

The numeric tech support scam campaign

A new tech support scam campaign is being pushed in lieu of exploit kits. We take a look at its distribution method and how it is able to bring browsers to their knees.

Read more

A week in security (Apr 24 – Apr 30)

A compilation of notable security news and blog posts from the 24th of April to the 30th. We covered a lot of different subject, exploit kits, adware, Tech Support Scams, Android and Mac threats. And how to fight security fatigue.

Read more

A story of fonts by the EITest HoeflerText campaign

The HoeflerText campaign is known for a fake font download that delivers the Spora ransomware. But did you know it also uses special characters in the dropper’s file name?

Read more

Report: Cybercrime climate shifts dramatically in first quarter

The first quarter of 2017 brought with it some significant changes to the threat landscape and we aren’t talking about heavy ransomware distribution either. Threats which were previously believed to be serious contenders this year have nearly vanished entirely, while new threats and infection techniques have forced the security community to reconsider collection and analysis efforts.

Read more

A look back at the Zyns iframer campaign

Behind compromised sites or malvertising, you will often find trails that can take you back years and see how infection chains evolved, or didn’t, over time.

Read more

Just For Men website serves malware

The website for Just For Men, a company that sells various products for men, had their website breached and was serving a password stealing Trojan. The malicious code embedded in the WordPress site was part of the EITest campaign and pushed the RIG exploit kit.

Read more

Select your language