Threat actors ramp up on coronavirus-themed campaigns, posing as the World Health Organization sending emails with fake e-book content. Instead of advice, users get compromised with malware.
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.
We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.
In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.
We take a look at a pressure-filled phishing attempt sent to players of the Elder Scrolls Online video game.
Don’t discount deepfakes just yet. We may not be fooled by phony Mark Zuckerberg anymore, but the discovery of a fake LinkedIn profile sporting a deepfake avatar shows how social engineering can deceive through the mundane.