Phishing campaigns continue to increase globally. These operations offer an easy route for cybercriminals to generate revenue, steal credentials and spread malware. Cyjax has recently investigated a sophisticated, large-scale phishing campaign that exploits the reputation of international, trusted brands, and targets businesses in multiple verticals including retail, banking, travel, pharmaceuticals, travel and energy. We are …
Cyjax analysts have analysed a long-running AgentTesla infostealer campaign targeting Dubai and the United Arab Emirates (UAE). The campaign began in at least January 2021 and the samples we gathered continued, almost daily, until May 2021. We have also seen new samples compiled in October 2021. Unlike most AgentTesla campaigns, the targeting focused heavily on …
Persistent AgentTesla campaign targeting the UAE Read More »
Cyjax analysts have uncovered a large credential harvesting campaign targeting multiple government departments in APAC and EMEA countries. Over 50 hostnames were analysed, many of which were posing as the Ministry of Foreign Affairs, Ministry of Finance, or Ministry of Energy, in various countries such as Uzbekistan, Belarus, and Turkey; as well as the Main …
EMEA and APAC governments targeted in widespread credential harvesting campaign Read More »
On 12 May, the FBI Cyber Division issued a TLP:WHITE Private Industry Notification. This concerned a spear-phishing campaign distributing messages that masqueraded as financial institutions to push fake Windows apps containing remote access Trojans (RATs). The most recent attack impersonated a US-based financial institution to target an American renewable energy company. The spear-phishing email referenced …
Cyjax has partnered with Security Magazine to bring you a monthly Cybersecurity and Geopolitical vodcast hosted by Chief Information Security Officer (CISO) of Cyjax, Ian Thornton-Trump, and Tristan de Souza (Editor and Head of Communications), in which they ruminate on the enmeshing of cybersecurity and geopolitics and the new challenges and intriguing flashpoints these bring to enterprise …
Cybersecurity and Geopolitical Vodcast (in partnership with Security Magazine) Read More »
Phishing is nothing new: it has been around in some form since the earliest days of the internet and before – even postal mail had its own forms of phishing (and still does). Since the turn of the millennium, however, online services have boomed, creating an ever-increasing pool of targets for convincing phishing lures intended …
On 30 October, Cyjax analyst William Thomas presented his talk on the phishing threat landscape at BeerCon2: Rise of the Rookie. The presentation was wide-ranging and included an exploration of threat actors leveraging the cloud to support delivery, bypassing defence mechanisms, and the top-tier threats in this ecosystem. Will’s talk can be found on the …
Gone Phishin’ – Cybersecurity presentation with William Thomas Read More »
Introduction It is imperative to understand the threats and vulnerabilities facing one’s organisation to mitigate the associated risk of a cyberattack. We are regularly asked to define the biggest cybersecurity challenges. Inevitably, they are the same: vulnerability management to reduce the attack surface; phishing attacks (which still account for over 90% of initial compromise and …
Cyjax researchers have observed a recent malicious spam campaign pushing commodity malware such as the AgentTesla infostealer and AveMaria remote access Trojan (RAT). This campaign caught our attention due to its reliance on Discord, the instant messaging and VoIP application, to host its payloads. The spam emails are sent from spoofed sender addresses and masquerade …
The darknet is often characterised as an autonomous entity, detached from the economic and social realities affecting the clearnet. This view is reinforced by the popular but flawed iceberg analogy: where the clearnet is the small tip of the iceberg, and the darknet is the bulk hidden below, dangerous to the boats floating above but …
