Phishing

Weekly Malware Roundup – September 18, 2023

greykeep · September 18, 2023 ·

GreyKeep Security Malware Roundup - September 5, 2023

This is the GreyKeep Security Malware Roundup for September 18, 2023. Here’s a summary of what’s in this week’s edition:

Targets

Amazon Web Services
(Amplify, Fargate, SageMaker)
Microsoft Windows
Apple MacOS
Facebook Messenger

Google Chrome
Adobe Acrobat
GitHub
Free Download Manager
Webdav

Organizations

MGM Resorts International
Defense
Satellite

Pharmaceutical
Asian power grid
Android banking apps

Threat Actors

Earth Lusca (China)
ALPHV
Cuba (ransomeware group)

Peach Sandstorm (Iran)
Winnti Group/Redfly (China)
Lazarus (N. Korea)

[Read more…]

Weekly Malware Roundup – September 11, 2023

greykeep · September 11, 2023 ·

This is the GreyKeep Security Malware Roundup for September 11, 2023. Here’s a summary of what’s in this week’s edition:

Targets

Android
Windows (NTLMv2)
Windows (Advanced Installer)
Microsoft IIS
Microsoft Teams
Cisco ASA

Apple MacOS
Apple iPhone
Fortinet SSL-VPN
Zoho ManageEngine
Facebook Messenger
IRM Next Generation

Organizations

Ukraine
Cybersecurity researchers

Graphic designers
Hotels and resorts

Threat Actors

North Korea
Lazarus (N. Korea)
APT28/Fancy Bear (Russia)

APT34 (Iran)
Charming Kitten (Iran)
Hive0117

[Read more…]

Email Phishing Remains Most Common Attack Vector

greykeep · August 22, 2023 ·

According to a recent report by web performance and security company Cloudflare, email phishing is still the primary way attackers gain access to organizations. Of the 250 million emails analyzed by Cloudflare between May 2022 – May 2023, specially crafted malicious links accounted for 35.6% of all threats.

Not only is the content of phishing emails becoming more convincing, but cybercriminals are adopting techniques that allow them to bypass standard email security controls, such as Sender Policy Framework (SPF), DomainKeys Identified Email (DKIM), and Domain-based Authentication, Reporting & Conformance (DMARC).

[Read more…]