Office 365 Archives

Office 365 credential-harvesting campaign leveraging Basecamp

Cyjax analysts recently uncovered an Office 365 credential-harvesting campaign that masquerades as “A Message from Your CEO”. The delivery system leveraged in these attacks uses multiple techniques to bypass secure email gateways (SEG), one of which has surfaced again in a BazarLoader infection chain. This technique is effective because Basecamp and Google Cloud hosting are …

Office 365 credential-harvesting campaign leveraging Basecamp Read More »

Credential harvesting campaigns target governments and cybersecurity companies

Blog / By William Thomas

Threat analysts at Cyjax have uncovered multiple mass credential harvesting campaigns that have recently been targeting cybersecurity companies, government entities, and organisations in a range of other sectors. Reverse engineering these campaigns revealed the attacker’s infrastructure and stolen data store. Throughout July and August 2020, we detected two separate credential harvesting campaigns targeting accounts for …

Credential harvesting campaigns target governments and cybersecurity companies Read More »

Geopolitical and Cybersecurity Weekly – 26 May 2020

Blog / By Tristan de Souza

COVID-19 Cybersecurity Update The US Federal Trade Commission (FTC) has warned users about scam coronavirus (COVID-19) contact tracing texts. There has been an increasing number of SMiShing messages asking users to click a malicious link. The FTC claims that clicking the link will download software onto the device, enabling scammers access to personal and financial …

Geopolitical and Cybersecurity Weekly – 26 May 2020 Read More »

Geopolitical and Cybersecurity Weekly – 11 May 2020

Blog / By Tristan de Souza

COVID-19 Cybersecurity Update Internet and cloud providers have been challenged to reliably handle increased traffic and bandwidth strain due to the sudden shift to remote working. Between March and April, there was a 17 per cent increase in the number of DDoS attacks from the previous peak (in 2019), with over 864,000 DDoS attacks observed …

Geopolitical and Cybersecurity Weekly – 11 May 2020 Read More »

Special delivery: common malware propagation methods

A-Z of Cyber, Awareness Hub, Blog / By Cymon

In this post, we hope to demystify some of the most common malware delivery methods that modern threat actors use to deliver their malicious payloads. Understanding how these methods work is essential to spotting malicious activity in your organisation and potentially saving both money and time spent on recovery. This is by no means an …

Special delivery: common malware propagation methods Read More »