Cybercriminals’ tactics are changing. With companies using more sophisticated security defenses such as NextGen AV and firewalls, endpoint security, SEGs, and more, hackers are going after the human attack surface with tactics that evade existing defenses by design.
Unlike malware and exploits, Phishing represent a much broader category of the threat landscape. They are not bound by a fixed set of rules and thus cannot be identified by a simple signature or static set of if-then-else sandbox rules. The end goal of a Phishing attack is to trick the target into clicking on …
With cybersecurity defenses improving, threat actors are turning to socially engineered attacks to exploit human vulnerabilities with phishing. A phishing technique gaining popularity is the use of a “Replica Sign-in Page” for federated account logins. This tactic works by playing into the human brain’s characteristic (which gives priority to known visuals; meaning that the mind …
A new ransomware is being spread, aptly named “Rapid” Ransomware, which mostly leverages a social engineering attack vector using spam emails with malicious attachments. Rapid encrypted files are renamed with a .rapid extension. A ransom note is dropped in a form of a text file which instructs the victim to email the attacker to restore the …
To say hackers are becoming confident is an understatement. Recently SlashNext’s Threat Intelligence Lab uncovered a series of Phishing web sites that were set up to promote a variety of Global Events and luring victims to these web sites in that process. Some of notable events currently being targeted by these scammers are as follows: …