A unique example of an Account Takeover (ATO): an “injected” email turns out to be an attempt to insert malware as part of a “normal” email correspondence. This is great evidence for the ultimate social engineering attack, showing how attackers are ever evolving, and that everyone needs account takeover protection.
Perception Point’s unique X-Ray app enhances threat protection with game-changing incident containment across all users and channels
Perception Point has once again discovered a new attack trend hitting our clients. Perception Point intercepted this new attack campaign through its Advanced Cloud Storage Security solution. In this attack, we will show how attackers are leveraging OneDrive in order to evade detection and take advantage of a new attack vector.
In the following incident, it is very interesting to see how the attackers have significantly improved their messaging and framework to try to trick end users. In the design alone, several aspects are used to lure the end user down the path set by the attacker: Display name spoofing: […]
Perception Point continues to bring you the latest in coronavirus-themed attacks, trying to show you the wide variety that we see daily. In the following update, one can see that attackers have been improving their messaging and are using the pandemic as a “background story” to the ongoing business handled between them and the targets. […]
Why Perception Point Topped SE Labs’ Independent Email Security Testing.
As the Coronavirus continues to keep organizations worldwide working remotely, Perception Point continues to see more and more “COVID-19” themed attacks. As always, they are improving in their sophistication and evasion. Below is an overview of 2 new attacks caught by our system, with an in-depth malware analysis of one of the campaigns.
Overview. Today we present a blog that combines two main trends: (i) The use of collaboration channels to spread malware (Salesforce) and (ii) The increase in attackers’ sophistication and evasion techniques. In this case, the malicious actor tried to attack via the most popular CRM application in the world – Salesforce. This new “open vector” […]
Today’s blog shows an interesting change in the way attackers act. Unlike previous incidents we published, this report lays out Coronavirus-themed attacks which do not originate from email but arrive through other collaboration channels, such as cloud storage platforms and files shared in internal networks. This shift demonstrates how attackers have been evolving and how they look for new ways into their targets.
The following attack presented in this report is only one of many our system has prevented in the last couple of weeks. It is now being used extensively in COVID-19 campaigns. In this example, we show how the malware operates and present the execution chain. We welcome you to contact us to discuss this attack […]
Today’s report includes two attacks – a phishing attack using a spoofing technique and a malicious archived .exe file. Each of these attacks shows how the attacker gathers intelligence on their targets. CISOs and security experts must always be on top of the recent trends and make sure their security vendor knows how to stop these new attacks.
Perception Point continues to see more coronavirus-themed attacks, which seem to continuously increase by the day. Some of these campaigns have added new levels of complexity, such as the use of evasion techniques, as well as evolving with the attack story line itself. In the following update we collected three new attack campaigns and one […]
Perception Point continues to see more coronavirus-themed attacks, which seem to increase in quantity and improve in quality by the day. In the following update we collected 3 different phishing attacks which demonstrate how attackers have evolved. We would like to highlight the “Key notes” for Phishing Campaign #2. These insights give CISOs and security experts additional […]
In this blog we provide COVID-19-themed cyberattack examples, focusing on COVID-19 malware attacks and phishing attempts.
In this post we provide examples of COVID-19 campaigns, caught by our advanced threat detection platform and analyzed by our IR team.
In this post, we discuss some of the COVID-19 phishing campaigns caught by our anti-phishing engine and analyzed by our IR team.
In this post we discuss a phishing technique that tricks users into thinking an image of the attached file can be opened in snapshot mode.
In Linux, the API to change memory protection is called mprotect or pkey_mprotect, and both operate on the current process’s address space.
In this post we take inspiration from Kurt Gödel, looking at the system from an outsider’s point of view to detect malware.