Awareness of the variations of phishing email attacks is a big step in defending against them – that I why I always try and post about any in depth analysis of phishing emails and their payloads that SANS Internet Storm Centre runs. HTML phishing attachments – now with anti-analysis features …
Dangerous malware – it’s only function is to deceive you into clicking something…
Getting the word out to you, about the wide range of phishing emails and their associated social engineering tricks actually active in the wild, is one of the ain reasons this blog exists. Many of our clients use this blog as a resource as a link to the multitude of …
Continue reading “Dangerous malware – it’s only function is to deceive you into clicking something…”
More on Bumblebee malware – detailed attack examination
Following the emergence of Bumblebee malware as a significant threat, SANS INternet Storm has a post looking at the function of the malware and transferring ISO files. Bumblebee Malware from TransferXL URLs – SANS Internet Storm Centre This is an excellent post by Brad and not only shows you the …
Continue reading “More on Bumblebee malware – detailed attack examination”
Make money fast – the classic social engineering phishing campaign
I try and highlight the variety of social engineering phishing emails doing the rounds as awareness among your people about the ways they are having their trust exploited, when they check their email, is essential for them to beat the threat actors. Here is another one taken apart by the …
Continue reading “Make money fast – the classic social engineering phishing campaign”
Life cycle of a vulnerability
I spend a lot of time with clients, in training courses and on this blog, explaining the significance of the “zero day” issue and how every organisation (and individual) needs to have a plan to deal with it. This post from SANS Internet Storm looks at the life cycle of …