New tool lets attackers easily create reply-chain phishing emails

A new email tool advertised on a cybercriminal forum provides a stealthier method for carrying out fraud or malware attacks by allowing messages to be injected directly into the victim's inbox. By slipping content in the normal email flow, the utility can help bypass protections that verify messages traveling to their destination mail server. Lowering … Continue reading New tool lets attackers easily create reply-chain phishing emails

Phishing emails lure victims with inside info on Trumps health

A phishing campaign pushing a network-compromising backdoor pretends to have the inside scoop on President Trump's health after being infected with COVID-19. With the United States 2020 Presidential elections being hyper-partisan, people from different sides of the aisle have become obsessed with Trump's health for various reasons. To capitalize on this, the threat actors behind … Continue reading Phishing emails lure victims with inside info on Trumps health

Two Russians Charged in $17M Cryptocurrency Phishing Spree

U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges. The Justice Department unsealed indictments against Russian nationals Danil Potekhin and … Continue reading Two Russians Charged in $17M Cryptocurrency Phishing Spree

Phishing Attack Used Box to Land in Victim Inboxes

A phishing attack targeting government and security organizations used a legitimate Box page with Microsoft 365 branding to trick victims. A newly discovered credential phishing campaign used a legitimate Box webpage and exploited widespread trust in Microsoft 365 to capture victims' credentials in a convoluted attack chain. The team at Armorblox discovered this threat back … Continue reading Phishing Attack Used Box to Land in Victim Inboxes

CISA warns of phishing attacks delivering KONNI RAT

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert related to attacks delivering the KONNI remote access Trojan (RAT). The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT). The KONNI RAT was first discovered … Continue reading CISA warns of phishing attacks delivering KONNI RAT