Zoom is growing quickly, which is good and bad. Good because it makes it easy to work from home, and bad because it's a security risk. Once a log-in page is necessary (such as in Zoom)—a new loophole for stealing credentials is created.
A unique example of an Account Takeover (ATO): an “injected” email turns out to be an attempt to insert malware as part of a “normal” email correspondence. This is a great evidence for the ultimate social engineering attack, showing how attackers are ever evolving.
A detailed, to-the-point analysis of the most phished brands in email attacks and the importance of asset-based protection as c. 50% of attacks are actually related to the targeted company and its stakeholders.
Fake Alert! Attackers now phish for user's credentials using fake email and web pages of Microsoft Planner and Microsoft Teams. Read the full report to stay on top of the trend and see what you can do about it.
What happens if you take a pinch of social engineering, a grain of evasion, and throw some anonymization techniques into the mix? Well, a perfect recipe for phishing. Check this example to see how attackers try to lure end-users to act wrongfully.
Attackers are ever-improving. See how they learned to leverage SendGrid to gain from two main benefits: evading email security measures and improve their trial and error process to improve their attack success rate.
Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.
Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.
As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns
Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themes attacks which are not originated from email but though other collaboration channels, such as cloud storage platform and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.
Today’s report includes two attacks – a phishing using a spoofing technique and a malicious archived .exe file. Each of these attacks show how the attacker gathers intelligence on their targets. CISO’s and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.