Financial spear-phishing campaigns pushing RATs

On 12 May, the FBI Cyber Division issued a TLP:WHITE Private Industry Notification. This concerned a spear-phishing campaign distributing messages that masqueraded as financial institutions to push fake Windows apps containing remote access Trojans (RATs). The most recent attack impersonated a US-based financial institution to target an American renewable energy company. The spear-phishing email referenced …

WizardSpider using legitimate services as cloak of invisibility

Ransomware has continued to play a dominant role in the 2021 threat landscape alongside the unravelling SolarWinds saga and the recent wave of ProxyLogon attacks to deploy webshells on vulnerable Microsoft Exchange Servers [1, 2]. Since the start of the year, Cyjax analysts have tracked a malicious spam (malspam) campaign and cybercriminal operation, dubbed WizardSpider …

Royal Mail mass spam campaign targets UK

Since early February, Cyjax analysts have been tracking a mass spam campaign masquerading as Royal Mail parcel delivery notifications. We have observed large numbers of malicious domains being registered each day, typically using Namecheap as registrar and hosting service rather than any others. Multiple varieties of attacks have been detected that use both Royal Mail-themed …

Geopolitical and Cybersecurity Weekly Brief – 21 December 2020

The nexus between geopolitics and cybersecurity manifested in the announcement of a ‘highly sophisticated’ supply-chain attack against one of the biggest network management systems in the USA, SolarWinds. The attack, announced on 14 December, is now known to have affected the majority of Fortune 500 companies, US military and government, Intel, Microsoft, and many others …

Fintech fraud in 2020

Financial Technology, or FinTech, comprises ‘computer programs and other technology used to support or enable banking and financial services’. The first ATM was opened in 1967 at a Barclays bank branch in Enfield, UK. Since then, Fintech has evolved significantly to online banking and other platforms that facilitate the transfer and lending of money, making banking …

Credential harvesting campaigns target governments and cybersecurity companies

Threat analysts at Cyjax have uncovered multiple mass credential harvesting campaigns that have recently been targeting cybersecurity companies, government entities, and organisations in a range of other sectors. Reverse engineering these campaigns revealed the attacker’s infrastructure and stolen data store. Throughout July and August 2020, we detected two separate credential harvesting campaigns targeting accounts for …
