Each week, Phish Fryday features experts in phishing threat intelligence discussing the latest Tactics, Techniques, and Procedures used by threat actors and how to defend against them.
Cofense Intelligent Phishing Defense
Join Brad Boston, Christopher Burgess, and Rohyt Belani as they discuss the cybersecurity challenges facing CIOs and how organizations should respond.
Phishing threats take many forms and are used to deliver malware, steal credentials, and entice recipients into taking actions they will later regret. Despite advances in technology, these threats continue to reach inboxes and continue to succeed. In this episode, we speak with Ryan Olson of Palo Alto’s Unit 42 and Cofense Intelligence Product Manager Mollie MacDougall. Learn more: Phish Fryday – Emotet Returns Coronavirus InfoCenter COVID-19: The Cybercrime Gold Rush of 2020 Emotet Thread Hijacking, an Email Attack Technique Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing Threats with Palo Alto Unit 42 appeared first on Cofense. Phish Fryday – Phishing Threats with Palo Alto Unit 42 was first posted on October 2, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
For many organizations, financial transactions are a quick, intricate dance of payments, receivables, and reporting. It’s high stakes and high pressure. Drop a phish into the midst of this environment and bad things can happen. To discuss the role of finance in an organization and how attackers target the processes and pressures to commit cyber theft are Cofense CFO Mel Wesley, Cofense Co-founder and CTO Aaron Higbee, and Cofense Security Solution Advisor Tonia Dudley. Learn more: Real Phishing Threat Examples Cofense Submerge has gone Virtual Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing Finance appeared first on Cofense. Phish Fryday – Phishing Finance was first posted on September 11, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
According to the latest Ponemon Cost of Data Breach Report, over half of malicious breaches are financially motivated. When we follow the money, we see ransomware continuing to cause availability concerns, which can be addressed with mature disaster recovery plans. Not to be outdone, attackers are increasing their leverage to ensure a timely payment. Joining us this week are Cofense Cyber Threat Intelligence Analysts Brad Haas and Aaron Riley to talk about this latest move by threat actors. Learn more: Avaddon Ransomware Joins Data Exfiltration Trend Avaddon ransomware launches data leak site to extort victims Cofense Submerge has gone Virtual... The post Phish Fryday – Ransomware appeared first on Cofense. Phish Fryday – Ransomware was first posted on August 28, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Identifying a phishing email is more than a yes/no, good/bad equation. If it’s bad, you need to know how bad it is. If my user clicked it, what happened? What do I need to do to protect my organization? Answering these questions requires a certain level of expertise with tools and strategies for analyzing malicious emails. Joining us this week is Cofense Director of Product Management Pete Smith to talk about the skills needed to break down an attack to understand the Indicators of Compromise that result from a successful attack. Learn more: Phishing attacks target locale-specific users Cofense Submerge... The post Phish Fryday – Phishing Defense Expertise appeared first on Cofense. Phish Fryday – Phishing Defense Expertise was first posted on August 14, 2020 at 7:28 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
What started out as a banking trojan has now evolved into one of the most widespread and disruptive botnets threatening organizations worldwide. Emotet. After a brief hiatus earlier in 2020, Emotet has returned with a new trick up its sleeve. Here to talk about the dangers of Emotet and how to reduce your vulnerability to it is Cofense Senior Research Engineer and resident Emotet expert Jason Meurer. Learn more: Emotet stealing attachments Previous discussion about Emotet on Phish Fryday Cofense Virtual Submerge Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Emotet Returns appeared first on Cofense. Phish Fryday – Emotet Returns was first posted on July 31, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
As phishing attacks remain a top threat to organizations across the globe, it’s critical to understand just what tactics and techniques attackers are using. Few have the resources to defend against every possibility, and so we must consider the actual threat landscape versus the theoretical. In this episode, we speak with Max Gannon about Cofense’s latest phishing report – what we’re seeing in the wild and what the future may hold. Learn more: Mass Logger Malware Could Be Massive Why Qakbot is so Dangerous The Q1 2020 Phishing Review Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Q2 2020 Phishing Review appeared first on Cofense. Phish Fryday – Q2 2020 Phishing Review was first posted on July 17, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Security analysts need data – lots of data – to do their jobs defending organizations. It’s easy to drown in all the noise, though, and not be able to find attacks and respond quickly. In this episode we speak with IMAX Information Security Analyst Rob Sipthorpe to discuss the IMAX phishing defense program and how they’re cutting through the noise and finding bad fast. Learn more: IMAX Cofense Triage Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Cutting Through the Noise at IMAX appeared first on Cofense. Phish Fryday – Cutting Through the Noise at IMAX was first posted on July 3, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cyber defenders are strapped for resources, having to constantly do more with less. The risks are many, the tools are multiplying, and yet the job continues to get harder. Here to talk about how automation and integration through API usage can improve cyber defenses are Pete Smith, Cofense Director of Product Management and Cofense Director of Technical Alliances Mike Saurbaugh. Learn more Cofense Triage Cofense Vision Cofense Intelligence Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – APIs and Automated Phishing Defense appeared first on Cofense. Phish Fryday – APIs and Automated Phishing Defense was first posted on June 26, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Phishing continues to be one of the top attack vectors faced by companies. To address this, many organizations deploy a secure email gateway – SEG in InfoSec parlance. In this episode we speak with Cofense Co-founder and CTO Aaron Higbee and Cofense Security Solution Advisor Tonia Dudley about the history and functionality of SEGs and why they aren’t the panacea they claim to be. Additional Resources Gartner retires their secure email gateway Magic Quadrant Phish Fryday – Cloud Services in Phishing Attacks Get the lowdown on SEGs Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Secure Email Gateways appeared first on Cofense. Phish Fryday – Secure Email Gateways was first posted on June 19, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
With credential theft making up a large portion of phishing attacks, many organizations wisely turn to MultiFactor Authentication (MFA) to protect the credentials of their employees. Attackers, however, are upping their game to continue gaining access to corporate accounts. Cofense Threat Analyst Elmer Hernandez joins us this week to discuss a particular attack observed by Cofense that leverages OAuth2 and OpenID Connect instead of passwords. Learn more OAuth2 Attack Bypasses MFA Google Docs Scam Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – OAuth2 Phishing Attacks appeared first on Cofense. Phish Fryday – OAuth2 Phishing Attacks was first posted on June 5, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
The very act of running an organization includes risk. Successful business leaders understand what those risks are and how to manage them. Operating information systems is no different – they are at risk by nature, but IT and security teams need to recognize those risks and manage them successfully. Here to talk about risk management and phishing defense is Pete Smith, Cofense Director of Product Management for our Triage and Vision phishing defense solutions. Learn more Cofense Triage Cofense Vision Cofense Intelligence Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Risk Management and Phishing Defense appeared first on Cofense. Phish Fryday – Risk Management and Phishing Defense was first posted on May 29, 2020 at 7:29 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Organization seek out security through various means – risk analysis, regulatory compliance, alignment to security frameworks – but can never really be sure they are secure. That’s where pentesting comes in – evaluating security controls through an attack methodology. Given the prevalence of phishing in compromises and breaches, how does pentesting take advantage of this? Here to discuss pentesting and its importance in phishing defense is Soteria co-founder Paul Ihme. Learn more Soteria Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Pentesting and Phishing Defense appeared first on Cofense. Phish Fryday – Pentesting and Phishing Defense was first posted on May 22, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Even with users reporting phishing attacks and the best analysis and response tools, there’s a chance someone has already become a victim. Security teams must race the clock to find Indicators of Compromise to identify infected endpoints and spreading malware. In this episode, we’re joined by Alan Rainer, Senior Threat Analyst at Kivu Consulting to discuss how phishing defenders can go beyond the inbox to find and neutralize threats. Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Beyond the Inbox appeared first on Cofense. Phish Fryday – Beyond the Inbox was first posted on May 15, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Phishing remains one of the top threat vectors used by attackers to breach corporate defenses to inflict harm and make money. Each quarter, Cofense Intelligence analyzes vast quantities of phishing attacks both reported by customers and discovered in other proprietary sources. In this episode, we’re joined by Cofense Cyber Threat Intelligence Analyst and lead author of our Q1 2020 Phishing Review, Aaron Riley. Resources: Cofense Q1 2020 Phishing Review Cofense Intelligence Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Q1 2020 Phishing Review appeared first on Cofense. Phish Fryday – Q1 2020 Phishing Review was first posted on May 8, 2020 at 9:13 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cybersecurity professionals are noted for their suspicious nature. They have to have it. But, whereas we can imagine a million threat vectors, there’s only so much time in the day and we’re forced to prioritize where we spend our resources protecting our organization. That’s where threat intelligence comes in. Active threats and tactics – seen in the wild – can be more important to your organization’s defense than all the 0-days your mind can imagine. To discuss the pragmatic application of threat intelligence is Cofense Manager of Intelligence Solutions Engineering, Wes Smiley. Resources: Cofense Intelligence Questions or comments? Reach us... The post Phish Fryday – Pragmatic Threat Intelligence appeared first on Cofense. Phish Fryday – Pragmatic Threat Intelligence was first posted on May 1, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Phishing attacks are different than other attacks – they tend to be technology light and social manipulation heavy. Defending against these attacks requires a unique set of skills and tools. In this episode we speak with Cofense Director of Product Management Pete Smith to discuss the tools and skills needed for effective phishing defense. Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing Defense appeared first on Cofense. Phish Fryday – Phishing Defense was first posted on April 24, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
The current COVID-19 pandemic has organizations scrambling to setup remote work options for their employees. As technology is hastily rolled out and policies are updated, anxious users are looking for guidance and support. Threat actors, taking advantage of the situation, are using this gap in information to execute successful phishing campaigns. In this episode we speak with Cofense Co-founder and CTO Aaron Higbee and Cofense Security Solutions Advisor Tonia Dudley to discuss attacks we’re seeing as well as some tips to protect your workforce. Mentioned in this episode: WebEx Phishing Campaign Remote Work Infocenter Questions or comments? Reach us at... The post Phish Fryday – Remote Work Security appeared first on Cofense. Phish Fryday – Remote Work Security was first posted on April 17, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Phishing threat actors constantly tweak and tune their attacks to evade secure email gateways to reach user inboxes. When that happens, your best users will report those attacks to security, giving you a jump on neutralizing the threat. In this episode, we speak with Ashley Tran, Threat Analyst in Cofense’s Phishing Defense Center, about the threats she and her team have been seeing lately as customers report the latest attacks. Mentioned in this episode: YouTube Phishing Redirects Coronavirus Infocenter Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing Trends from the Front Lines appeared first on Cofense. Phish Fryday – Phishing Trends from the Front Lines was first posted on April 10, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cyber defense goes beyond following a book of best practices. It requires awareness of current threats and how to defend against those threats, otherwise the amount of “what ifs” will overwhelm a security team. In this episode, we speak with Mollie MacDougall, Intelligence Product Manager at Cofense, about the role of threat intelligence in phishing defense. Mentioned in this episode: Cofense Intelligence Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Threat Intelligence in Phishing Defense appeared first on Cofense. Phish Fryday – Threat Intelligence in Phishing Defense was first posted on April 3, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Risk management is more than just ensuring bad things don’t happen. There are some risks that can’t be adequately mitigated and organizations look to risk transference, such as insurance, to help protect them. In this episode, we speak with Darren Thomson, head of Cyber Security Strategy at CyberCube, to discuss the role of cyber insurance in cyber risk management. Mentioned in this episode: CyberCube Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Cyber Insurance and Risk Management appeared first on Cofense. Phish Fryday – Cyber Insurance and Risk Management was first posted on March 27, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
While phishing attacks and ransomware affect all industries, healthcare is particularly vulnerable. Medical equipment running outdated software, limited budgets, and a need to provide lifesaving actions without delay increase cyber risk beyond the confidentiality demands of HIPAA. In this episode, we speak with Gerald Auger, a Security Architect with the Medical University of South Carolina about the challenges the healthcare industry faces. Mentioned in this episode: Wood Ranch Medical closes due to ransomware attack Health Industry Cybersecurity Practices Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing and Ransomware in Healthcare appeared first on Cofense. Phish Fryday – Phishing and Ransomware in Healthcare was first posted on March 20, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
With much of the world focused on COVID-19, or Coronavirus, attackers are taking advantage of the resulting concern to target potential victims with Coronavirus-themed scams. A result of this is the decision to use these scams as part of phishing awareness training. In this special episode, we speak with Cofense Co-Founder and Chief Technology Officer Aaron Higbee and Security Solution Advisor Tonia Dudley to talk about Cofense’s stance towards the use of these templates and how organizations can balance the need to keep their people informed but protected. Links mentioned in the show: Jake Williams’ (@Malwarejake) Twitter Poll Cofense Coronavirus... The post Phish Fryday – Coronavirus and Awareness Training appeared first on Cofense. Phish Fryday – Coronavirus and Awareness Training was first posted on March 13, 2020 at 4:34 pm.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
When a phishing attack hits a user’s inbox, you know your perimeter defenses have failed, leaving it up to your humans to detect and report the attack. This doesn’t happen by chance. It takes a sound phishing awareness program to tune a user’s senses to suspicious emails and educate them on how to report. In this episode, we speak with Cofense Chief Technology Officer Aaron Higbee and Security Solution Advisor Tonia Dudley to talk about the goals of these programs and how to mature them to protect your organization. Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Phishing Awareness Programs appeared first on Cofense. Phish Fryday – Phishing Awareness Programs was first posted on March 13, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
With over 90% of malware being distributed by email (according to the 2019 Verizon DBIR), malspam is a serious concern for phishing defenders. Cofense has recently seen new methods used by attackers to make it even harder for researchers to analyze their malicious payloads. In this episode we speak with Cofense Cyber Threat Intelligence Analyst Max Gannon about what these new methods are, the challenges they present to defenders and researchers, and what we can do to protect ourselves. Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Encrypted Loaders appeared first on Cofense. Phish Fryday – Encrypted Loaders was first posted on March 6, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cofense Intelligence recently released their strategic analysis of malware trends of the last quarter of 2019, along with some predictions for the coming year. In our previous episode, we looked at some of the trends seen at the end of last year. In this second part, we speak with two key contributors on the report, Cofense Cyber Threat Intelligence Analyst Max Gannon and Senior Intelligence Specialist Alan Rainer as they look ahead as to what organizations should be anticipating in the threat landscape and how to prepare for them. For more information on topics mentioned in this episode, please visit:... The post Phish Fryday – 2019 Q4 Malware Trends – Part 2 appeared first on Cofense. Phish Fryday – 2019 Q4 Malware Trends – Part 2 was first posted on February 28, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cofense Intelligence recently released their strategic analysis of malware trends of the last quarter of 2019, along with some predictions for the coming year. In this 2-part episode, we speak with two key contributors on the report, Cofense Cyber Threat Intelligence Analyst Max Gannon and Senior Intelligence Specialist Alan Rainer. In part 1, we’ll discuss the evolutionary nature of attacks at the end of 2019, including 4 key pieces of malware of note. In part 2, we’ll look ahead as to what organizations should be anticipating in the threat landscape and how to prepare for them. For more information on... The post Phish Fryday – 2019 Q4 Malware Trends – Part 1 appeared first on Cofense. Phish Fryday – 2019 Q4 Malware Trends – Part 1 was first posted on February 21, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Agent Tesla appeared on the malware scene in 2014 as a simple keylogger. We’ve seen this malware expand capabilities over the years, making it still one of the more popular types of malware distributed in phishing attacks. In this episode we speak with Cofense Cyber Threat Intelligence Analyst Aaron Riley about the history of Agent Tesla, how it evolved, and how to defend against it. For more information on topics mentioned in this episode, please visit: Agent Tesla is a Top Phishing Threat Krebs on Security – Who Is Agent Tesla? CVE-2017-11882 – Microsoft Equation Editor Vulnerability Questions or comments?... The post Phish Fryday – Agent Tesla appeared first on Cofense. Phish Fryday – Agent Tesla was first posted on February 14, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Back in 2017, Microsoft announced a vulnerability in their Equation Editor, dubbed CVE-2017-11882. This memory corruption vulnerability allowed attackers to execute malicious code in the context of the exploited user. Here we are in 2020 and the vulnerability is still be exploited in phishing attacks. In this episode we speak with Cofense Cyber Threat Intelligence Analyst Max Gannon about what the vulnerability is, why it’s still being exploited, and what organizations can do to better defend against these attacks. For more information on topics mentioned in this episode, please visit: NIST CVE Details Cofense “Patch or Pass” blog post Questions... The post Phish Fryday – Phishing with the Microsoft Equation Editor Vulnerability appeared first on Cofense. Phish Fryday – Phishing with the Microsoft Equation Editor Vulnerability was first posted on February 7, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
2019 saw an increase in ransomware attacks against public organizations, as we witnessed numerous headlines reporting outages and ransom demands. With ransom payments being made, should we expect to see these attacks increase? In this episode we speak with Cofense Cyber Threat Intelligence Analyst Aaron Riley about what we saw and what we should be planning for in the coming year. For more information on topics mentioned in this episode, please visit: EMSISoft State of Ransomware Report Cofense – Ransomware in 2020 Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Ransomware Trends appeared first on Cofense. Phish Fryday – Ransomware Trends was first posted on January 31, 2020 at 12:10 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
URL Scanners are a great way to investigate potentially malicious websites in a low-risk way. Attackers, however, are adapting to these tools to escape detection and keep the pressure on defenders. In this episode, we speak with Cofense Security Consultant Chris Hall to discuss the usefulness of these scanners, how attackers are adapting, and what these scanner services may need to do to stay useful. For more information on topics mentioned in this episode, please visit: Are URL Scanning Services Accurate for Phishing Analysis? VirusTotal URLScan.io REMnux Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – URL Scanners as Part of Phishing Defense appeared first on Cofense. Phish Fryday – URL Scanners as Part of Phishing Defense was first posted on January 24, 2020 at 12:15 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Automation with macros in Microsoft Office documents has been with us for decades. The abuse of these macros has been with us for almost as long, as attackers leverage the functionality – and the common permissions needed to run them – to cause considerable harm to organizations. In this episode, we speak with Cofense Cyber Threat Intelligence Analyst Max Gannon to discuss the latest phishing threats and how they leverage macros to compromise organizations. For more information on topics mentioned in this episode, please visit: Complimentary Threat Alerts PowerShell Scripts Delivered by Office Macros Geodo Malware Campaigns Questions or comments?... The post Phish Fryday – Office Macros in Phishing Attacks appeared first on Cofense. Phish Fryday – Office Macros in Phishing Attacks was first posted on January 17, 2020 at 12:15 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Cloud platforms, such as Google Docs, Microsoft OneDrive, and Dropbox provide tremendous value to organizations looking to collaborate. Unfortunately, there are plenty of attackers willing to leverage our trust in these platforms for their own gain. On this week’s episode, we speak with Cofense Senior Intelligence Specialist Alan Rainer about the various ways attackers are using these technologies to bypass defenses and distribute malware and execute phishing campaigns. For more information on topics mentioned in the discussion, please check out the following articles: Raccoon Stealer The UK Ministry of Justice Campaign Agent Tesla The post Phish Fryday – Cloud Services in Phishing Attacks appeared first on Cofense. Phish Fryday – Cloud Services in Phishing Attacks was first posted on January 10, 2020 at 12:15 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
As the situation between Iran and the United States escalates, there has been considerable speculation as to how Iran might respond to the recent actions of the US. In this episode, we speak with Mollie MacDougall, an expert on cyber and international security and the Product Manager for Cofense Threat Intelligence, to learn more about Iran’s cyber capabilities and their history in the use of cyberattacks. The post Phish Fryday – Tension between Iran and the US Increases Cyber Threat appeared first on Cofense. Phish Fryday – Tension between Iran and the US Increases Cyber Threat was first posted on January 6, 2020 at 3:25 pm.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
The Emotet botnet has undergone quite a few changes in 2019 and Cofense Senior Research Engineer Jason Meurer joins us to discuss the latest variations. What has changed and how can organizations continue to detect and protect themselves from Emotet? Tune in to find out. For more background on Emotet and the latest Cofense Research, help yourself to our blog posts: Want to simulate a holiday phish? This one’s from your friends at Emotet. Emotet Modifies Command & Control URI Structure Emotet Malicious Phishing Campaigns Return in Force The post Phish Fryday – The Latest on Emotet appeared first on Cofense. Phish Fryday – The Latest on Emotet was first posted on January 2, 2020 at 11:35 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com
Phishing threats are constantly changing, as attackers try to bypass security controls and reach your users’ inboxes. SOC teams have to analyze and respond to a flood of suspicious email reports and keeping up with the latest threats is a challenge – there just isn’t enough time in the day! But Phish Fryday is here to help. Each week, Phish Fryday, hosted by Steven Cardinal, will bring you expert interviews covering the latest phishing threats – how they work and how to defend against them. We’ll also give you a glimpse into our threat analysis techniques so that you can... The post Coming Soon: Phish Fryday appeared first on Cofense. Coming Soon: Phish Fryday was first posted on December 16, 2019 at 1:00 am.©2018 "Cofense". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at pmit@cofense.com