4 matches found
Microsoft Teams Users Under Attack in 'FakeUpdates' Malware Campaign
Attackers are using ads for fake Microsoft Teams updates to deploy backdoors, which use Cobalt Strike to infect companies’ networks with malware. Microsoft is warning its customers about the so-called “FakeUpdates” campaigns in a non-public security advisory, according to a report in Bleeping...
Taurus Project stealer now spreading via malvertising campaign
For the past several months, Taurus Project—a relatively new stealer that appeared in the spring of 2020—has been distributed via malspam campaigns targeting users in the United States. The macro-laced documents spawn a PowerShell script that invokes certutil to run an autoit script ultimately...
Domen toolkit gets back to work with new malvertising campaign
Last year, we documented a new social engineering toolkit we called "Domen" being used in the wild. Threat actors were using this kit to trick visitors into visiting compromised websites and installing malware under the guise of a browser update or missing font. Despite being a robust toolkit, we...
You've Been Served…with Subpoena-Themed Phishing Emails
A phishing campaign claiming to deliver emailed subpoenas is targeting insurance and retail companies. According to researchers, the phishing emails are spoofing the UK Ministry of Justice, aiming to capitalize on scare tactics to convince targets to click on an embedded link to “learn more about...