Fake IRS notice delivers customized spying tool

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

Read more

A week in security (September 11 – September 17)

A compilation of security news and blog posts from the 11th – 17th September. We look at 0days, more Equifax developments, our usual smattering of blog posts, and more!

Read more

Compromised LinkedIn accounts used to send phishing links via private message and InMail

A recent attack uses existing LinkedIn user accounts to send phishing links to their contacts via private message but also to external members via email.

Read more

Google reminds website owners to move to HTTPS before October deadline

To encourage website owners and service providers to move to HTTPS, Google began sending out emails to remind them that their sites will be marked as insecure if they don’t comply. This is the latest step in the search giant’s long-term effort of creating a safer web experience for every user.

Read more

Insider threats in your work inbox

A new phishing campaign that targets businesses goes beyond business email compromise or CEO fraud.

Read more

Cybersecurity info you can’t do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Select your language