A Flyby on the CFO's Inbox: Spear-Phishing Campaign Targeting Financial Executives with NetBird Deployment
By Trellix · May 28, 2025. This blog was written by Srini Seethapathy. Trellix wants to acknowledge the quick response from NetBird following our initial findings. NetBird acted immediately to...
The Ongoing Saga of Job-Themed Attacks
By Daksh Kapur and Alfred Alvarado · January 23, 2024. Figure 1 - Job Themed Cyberattacks Attribution at the Bottom. In late 2023, Trellix Security Researchers identified an ongoing trend where cybercriminals exploit job-themed attack vectors to target both jo...
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
A legitimate Windows search feature is being exploited by unknown malicious actors to download arbitrary payloads from remote servers and compromise targeted systems with remote access trojans such as AsyncRAT and Remcos RAT. The novel attack technique, per Trellix, takes advantage of the...
Beyond File Search: A Novel Method
Beyond File Search: A Novel Method for Exploiting the "search-ms" URI Protocol Handler. By Mathanraj Thangaraju and Sijo Jacob · July 26, 2023. Threat Summary: In the ever-evolving landscape of cyber threats, malware authors continuously explore new avenues to exploit unsuspecting users. The Windows...
Malicious OAuth applications abuse cloud email services to spread spam
Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against...
Facebook phish claims “Someone tried to log into your account”
Watch out for bogus Facebook phishing messages winging their way to your mailbox. The ruse is quite simple: The mail senders are relying on the recipient’s sense of panic to respond without thinking about it. The mail looks professional enough, and seeks to imitate what would be a fairly typical...
Cyber Criminals phishing with smart subdomains to earn millions
Like many other security issues that now affect computer users, there is a growing threat known as "phishing". Phishing attacks are perpetrated by criminals who send deceptive emails in order to lure someone into visiting a fraudulent web site or downloading malicious software, expressly for...
New OSX/Imuler Variant Targeting Tibetan Activists
Researchers over at Intego have recently discovered a new variant of OSX/Imuler, the data-stealing Mac malware, detected as OSX/Imuler.E, which is believed to be targeting Tibetan rights activists. "This backdoor Trojan family was first discovered in September 2011 as a Mac PDF Trojan horse and has...
Fake ADP and FDIC Notifications Leading Users to Blackhole Exploit Kit
With the latest iteration of the Blackhole Exploit Kit hitting the web this week, attackers are going to great lengths to spread around links to get unsuspecting victims to click through to the first version of the kit. E-mail notifications claiming to come from Microsoft Exchange, ADP, the Feder...