Perception Point’s advanced email security service managed to intercept thousands of attack emails impersonating DocuSign, utilizing the Hancitor Malware. The following blog details this alarming attack.
Be aware. Attackers are impersonating legitimate brands, attaching to emails an HTML file containing a fake log-in page, intended for harvesting credentials. To complete the disguise, they finish with redirecting to the real brand website.
In this campaign, the attacker conceals malicious payload by deeply embedding it within multiple types of content and using different evasion techniques. Perception Point's IR team found loopholes and was able to backtrack his steps to understand his techniques.
Since its inception, Perception Point has been scanning billions of emails, URLs and files every week. Most of the time, Perception Point clients already have at least one email security solution in place.
The adoption of cloud email is increasing every year, with Google Workspace and Microsoft Office 365 dominating. And now, a new report by Gartner noted that many clients have expressed dissatisfaction with default email security solutions, specifically citing Office 365.
Zoom is growing quickly, which is good and bad. Good because it makes it easy to work from home, and bad because it's a security risk. Once a log-in page is necessary (such as in Zoom)—a new loophole for stealing credentials is created.
A unique example of an Account Takeover (ATO): an “injected” email turns out to be an attempt to insert malware as part of a “normal” email correspondence. This is a great evidence for the ultimate social engineering attack, showing how attackers are ever evolving.
A detailed, to-the-point analysis of the most phished brands in email attacks and the importance of asset-based protection as c. 50% of attacks are actually related to the targeted company and its stakeholders.
Fake Alert! Attackers now phish for user's credentials using fake email and web pages of Microsoft Planner and Microsoft Teams. Read the full report to stay on top of the trend and see what you can do about it.
What happens if you take a pinch of social engineering, a grain of evasion, and throw some anonymization techniques into the mix? Well, a perfect recipe for phishing. Check this example to see how attackers try to lure end-users to act wrongfully.
Attackers are ever-improving. See how they learned to leverage SendGrid to gain from two main benefits: evading email security measures and improve their trial and error process to improve their attack success rate.
Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.
Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.
As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns
Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themes attacks which are not originated from email but though other collaboration channels, such as cloud storage platform and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.
Today’s report includes two attacks – a phishing using a spoofing technique and a malicious archived .exe file. Each of these attacks show how the attacker gathers intelligence on their targets. CISO’s and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.