Attack Trends.

Stay ahead of the “attack waves” with in-depth analysis of key incidents and understand what’s trending among today’s malicious actors.

A Recipe for Phishing

What happens if you take a pinch of social engineering, a grain of evasion, and throw some anonymization techniques into the mix? Well, a perfect recipe for phishing. Check this example to see how attackers try to lure end-users to act wrongfully.

“Accept Phishing Message” – The SendGrid Scheme

Attackers are ever-improving. See how they learned to leverage SendGrid to gain from two main benefits: evading email security measures and improve their trial and error process to improve their attack success rate.

The Triple Trouble: 3-Stage Phishing.

Perception Point’s platform intercepted a unique, 3-stage attack that uses multiple evasion techniques, in order to infiltrate the targeted organization. In this post, we will present the complex attack and how Perception Point’s unique engines prevented it.

Faking a Bank: Attackers Target Chase Bank Customers

Perception Point has identified attempts to phish Chase clients. Read this short blog to see how the attacker tried to impersonate to a prominent bank and how Perception Point prevented these attacks.

New Cyber campaign leveraging OneDrive.

Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.

Phishing Campaign Trend: Microsoft Teams.

In the following incident, it is very interesting to see how the attackers have improved their messaging and framework significantly to try trick the end-users.…

COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to bring you the latest in coronavirus-themed attacks, trying to show you the wide variety that we see daily. In the following…

Phishing Attempt Using Slack Referrer URL.

In this update, we will show how attackers are leveraging Slack referrer URL in order to lead victims to phishing pages, thus evading legacy solutions.

COVID-19 – Update on New Cyber Campaigns.

As the Coronavirus continues to keep organizations world wide working remotely, Perception point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns

The Salesforce Loophole.

Overview. Today we present a blog that combines two main trends: (i) The use of collaboration channels to spread malware (Salesforce) and (ii) The increase…

COVID-19 – When the Virus Spread to New Channels.

Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themes attacks which are not originated from email but though other collaboration channels, such as cloud storage platform and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.

COVID-19 – The Excel Puzzle.

The following attack presented in this report is only one of many our system has prevented in the last couple of weeks. It is now…

COVID-19 – Update on New Cyber Campaigns.

Today’s report includes two attacks – a phishing using a spoofing technique and a malicious archived .exe file. Each of these attacks show how the attacker gathers intelligence on their targets. CISO’s and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.

COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to see more coronavirus-themed attacks, which seem to continuously increase by the day. Some of these campaigns have added new levels of…

Phishing Alert: GitHub Website Spoofing.

Over the last few days, Perception Points system has detected an increasing number of incidents that are attempting to steal GitHub user credentials. In this specific attack…

COVID-19 – Update on New Cyber Campaigns.

Perception Point continues to see more coronavirus-themed attacks, which seem to increase in quantities and improve in quality, by the day. In the following update…

COVID-19 – Update on New Cyber Campaigns.

Perception Point intercepts coronavirus-themed attacks on a daily basis. Attackers have already started to improve their methods and are showing greater creativity in designing the…

COVID-19 – Update on New Cyber Campaigns.

With the ongoing unfortunate situation of the Coronavirus continuing to happen all around us, attackers are taking advantage of both the situation and vulnerable individuals…

When Google is a Fertile Ground for Phishing.

In a Nutshell Our system has been identifying phishing campaigns on an hourly basis. In this blog, we will show how attackers take their creativeness…

BEC Attack: Mimecast Spoofing.

BEC attacks are on the rise. Over the last several months, our system has been identifying BEC attempts against our clients on an hourly basis.…

Campaign Alert: G-Suite Phishing.

Perception Point has detected a widespread campaign targeting multiple clients, in multiple countries, across a variety of industries. The one common factor is that they…

Campaign Alert: You (almost) have been compromised!

Within days of launching our anti-impersonation capabilities, we have detected within our clients multiple attack attempts using BEC techniques. What is Business Email Compromise? BEC or…

Incident Report: A Combined Attack.

Combining Attack Vectors. Perception Point intercepted an email thread that combined all currently popular attack vectors; impersonation, encrypted archive and a malicious macro.  Impersonation The…

Incident Report: Statement of Account.

We recently detected a widespread attack on one of our customers. Within an organization of 7,000 employees, 229 users received the same email. In these…

Campaign Alert: Call me ASAP.

We have identified what appears to be a widespread campaign targeting several of our clients. In this campaign, the attacker utilizes a call back request…

Incident Report: Composite Moniker.

CVE-2017-8570. We recently intercepted a RTF document that leverages CVE-2017-8570, a.k.a the “Composite Moniker” vulnerability. The document contains an ole object that loads the “composite moniker”…

Incident Report: CV or Cyber Vector.

Would You Hire a Hacker? Would you? One of clients HR department received an email containing a Resume. The email stated that the attached word…

Incident Report: Trust Fibonacci.

The Fibonacci Backdoor. Perception point detected an attack sent to users via email. The backdoor grants the attacker control to remotely execute commands on the…

Incident Report: Fax Attack.

Explanation. An analysis of an attempt attack identified by Perception Point’s platform. Recently we detected an attempt to leverage a known service, EFax, which is…

Incident Report: AP28 – Fancy Bear.

What is Fancy Bear? APT28, a highly advanced attack also known as Fancy Bear, is associated with the Russian military intelligence agency GRU. Recently, The…

Incident Report: Malicious Macro.

Perception Point’s platform recently caught an advanced threat directed at one of our customers within a Microsoft Word file. Our Incident Analysis report below provides…

TALK TO SALES

Ready to Try
Perception Point?