New phishing attack uses Morse code to hide malicious URLs

A new targeted phishing campaign includes the novel obfuscation technique of using Morse code to hide malicious URLs in an email attachment. Samuel Morse and Alfred Vail invented morse code as a way of transmitting messages across telegraph wire. When using Morse code, each letter and number is encoded as a series of dots (short … Continue reading New phishing attack uses Morse code to hide malicious URLs

LogoKit Group Aims for Simple Yet Effective Phishing

A phishing kit that uses embedded JavaScript targeted the users of more than 300 sites in the past week, aiming to grab credentials for SharePoint, Adobe Document Cloud, and OneDrive. A relatively new phishing kit uses embedded JavaScript to dynamically change elements of spoofed webpages to more easily fool users. The adoption of the phishing … Continue reading LogoKit Group Aims for Simple Yet Effective Phishing

SpamCop anti-spam service suffers an outage after its domain expired

Cisco's SpamCop anti-spam service suffered an outage Sunday after a its domain mistakenly was allowed to expire. SpamCop provides a Real-time Blackhole List (RBL) that mail servers can use to determine if incoming mail should be marked as spam. Today, mail administrators, organizations, and ISPs worldwide suddenly found that their outgoing mail was being rejected … Continue reading SpamCop anti-spam service suffers an outage after its domain expired

Targeted Phishing Attacks Strike High-Ranking Company Executives

An evolving phishing campaign observed at least since May 2020 has been found to target high-ranking company executives across manufacturing, real estate, finance, government, and technological sectors with the goal of obtaining sensitive information. The campaign hinges on a social engineering trick that involves sending emails to potential victims containing fake Office 365 password expiration … Continue reading Targeted Phishing Attacks Strike High-Ranking Company Executives

Windows Finger command abused by phishing to download malware

Attackers are using the normally harmless Windows Finger command to download and install a malicious backdoor on victims' devices. The 'Finger' command is a utility that originated in Linux/Unix operating systems that allows a local user to retrieve a list of users on a remote machine or information about a particular remote user. In addition … Continue reading Windows Finger command abused by phishing to download malware