Cybercriminals impersonate World Health Organization to distribute fake coronavirus e-book
Threat actors ramp up on coronavirus-themed campaigns, posing as the World Health Organization sending emails with fake e-book content. Instead of advice, users get compromised with malware.
APT36 jumps on the coronavirus bandwagon, delivers Crimson RAT
We look at a spear phishing attack from APT36, an Advanced Persistent Threat group posing as the government of India and offering guidance on coronavirus. Instead, users are infected with a Crimson RAT that steals data.
Domen toolkit gets back to work with new malvertising campaign
We describe the latest malvertising campaign that uses Domen, an advanced social engineering toolkit.
Spear phishing 101: what you need to know
We look at the threat of spear phishing, why it’s such a problem, and what organizations can do to lessen the chance of a successful attack.
WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation
We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.
How to prevent a rootkit attack
Rootkit attacks are considered one of the most dangerous cyberthreats today. Learn what they are, how they infect systems, and how to protect against them.
6 ways hackers are targeting retail businesses
Whether it’s a high-volume shopping season or not, retail businesses are at risk from cybercriminals in a number of ways. Learn how hackers target retailers and shoppers alike.
Spelevo exploit kit debuts new social engineering trick
In order to maximize infection rate, threat actors are now launching the Spelevo exploit kit with a decoy adult site, social engineering users into downloading a malicious video player.
Fake Elder Scrolls Online developers go phishing on PlayStation
We take a look at a pressure-filled phishing attempt sent to players of the Elder Scrolls Online video game.
Deepfakes and LinkedIn: malign interference campaigns
Don’t discount deepfakes just yet. We may not be fooled by phony Mark Zuckerberg anymore, but the discovery of a fake LinkedIn profile sporting a deepfake avatar shows how social engineering can deceive through the mundane.
