Displaying items by tag: Phishing
The Group Behind Emotet is Looking to Get Around Microsoft’s VBA Changes
TA542 the wonderful people that brought you Emotet appears to be in the middle of a development and testing cycle on new delivery methods. According to researchers at ProofPoint the creators or the Emotet Botnet are potentially looking to find a new delivery method in response to the, long overdue, default disabling of VBA based Macros by Microsoft in their office products. Although ProofPoint seems to think this is development testing, the activity could also be part of a more targeted campaign.
FBI Sent out an Advisory Alleging a Targeted Campaign Against State Election Officials
The FBI, on March 29th, released a Private Industry Notification with vague details on a potential Phishing campaign targeting election officials in at least nine US states. The information in the advisory gives very broad information without really saying much. There is no information in the notification on which states were targeted and the phishing campaign sounds a lot like ones that are sent out to millions of people every day.
New Browser in the Browser Attack Improves on Phishing Campaigns
Phishing, regular and spear, is a very common method of compromising accounts and gaining access to a network. In many incidents, the initial compromise can be traced back to a compromised account via some sort of phishing message. This happens despite the many hours and dollars spent towards educating users about the dangers of trusting messages sent to them.
Vulnerabilities, Phishing, and More allow Attackers to Compromise web3 services including OpenSea and Steal $1.7 Million in virtual assets
We have another Web3 article today. This one covers a new NFT marketplace compromise though the use of phishing emails that tricked users into singing over their digital assets to an, as of yet, unknown attacker.
noVNC Used by Clever Pentester to get Around MFA During Spearphishing Attack
Most attacks, be they real or from a penetration test, begin with an attempt to compromise a single system, or user. The compromise of a device or user account gives the attacker a small foothold in an environment that they can use to pivot to other areas and begin their complete takeover of the targeted organization. Defenders use many techniques to try to prevent this including complex passwords, complex usernames and, of course multi-factor authentication (MFA). MFA, when done properly, reduces the risk of credential compromise from phishing and spearphshing significantly.
Phishing Campaign Leverages New Technique to Evade Detection
Researchers at Morphisec have detailed a new delivery type for AsyncRAT (Remote Access Trojan) used in part of a phishing campaign that has been running since at least September 2021. The phishing part of the campaign is routine, an email with an HTML attachment. The attachment looks like a receipt. When opened, the victim is directed to a webpage that asked them to save a file (an ISO file). On the surface it looks like it would be a regular file download that will go through common security channels. However, things turn out not to be what they expected (read that in Morgan Freeman’s voice).
Fun with DNS hacking and the importance of updating your router
On March 2 2015 CVE-2015-1187 was released. This alert indicated that a simple cross-site request forgery allowed someone (the “bad” guys) to hijack DNS settings on a wide range of routers. By doing this they were able to point people to their own DNS server and in turn direct them to malicious sites. These sites could be anything they wanted them to be from phishing sites to sites with malware intended to compromise the target system. The exploit is a pretty smart one especially when you take into account the fact that the bad guys do not need to remotely manage the target router to get this going.
Dropbox users hit by fraudalent e-mails
The company Appriver warned users of Dropbox service to increase caution, as false messages that ask users to change the password they use when signing up for service appeared once again. Fraudulent email messages are composed so that at first glance they look like they were really sent from Dropbox Team.
Human Security, Relearning How to Act on the Internet
![]() |
Security is a huge issue and has always been one ever since the first person decided they wanted to protect what they owned. Through the centuries the art of security has evolved and a multitude of inventions have blossomed on the scene to help us keep our property safe and secure. Once the data age started we had new concerns and our fertile minds came up with new and more creative ways to protect our new digital property. These two separate (yet dependent) fields are broken down into physical and digital security. The problem is that neither of these are effective unless we apply human security. This is the practice of securing people (humans) against being the largest security hole in any network or location.
76 million fake accounts on Facebook, or are there?
![]() |
Although many would say there are far more fake accounts, Facebook has admitted that in the past year about 76 million "fake" profiles have been opened on their service that has just over a billion users. These fall under the double accounts, wrongly classified and unwanted accounts and those where users deliberately identify themselves with a false name. In total, therefore, according to Facebook the fake accounts amount to 7% of the total number of users.