Google has historically served as a prominent platform for such malicious advertisements. However, Bing is now increasingly susceptible to becoming a target due to its tight integration with the Windows ecosystem and the Edge browser. Bing searches are being manipulated to redirect users to a counterfeit website closely resembling the legitimate NordVPN site. To further deceive users, the threat actors attempted to digitally sign a malicious installer and hosted it on Dropbox.

Confucius once said famously, “A man who does not plan long ahead will find trouble at his door.” No truer words could be spoken about today’s cyberthreat landscape. According to Cybersecurity Magazine, ransomware attacks are predicted to surge from occurring every 11 seconds now, to every two seconds over the next decade. As such, business continuity planning has never been more significant to individuals and organizations.

Recently, we observed a phishing campaign targeting the Latin American region. The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice. Figure 1. Phishing email sample with zip file attachment Upon checking the email header, we see that it has an email address format that uses the domain ‘temporarylink’.

In the landscape of modern application development and deployment, Kubernetes has transcended its adoption phase to become a cornerstone technology for organizations worldwide. According to the Cloud Native Computing Foundation (CNCF), a staggering 96% of organizations are actively using or evaluating Kubernetes, with over 5.6 million developers worldwide embracing its capabilities.

A trojanized version of the McAfee Security app is installing the Android banking Trojan “Vultur,” according to researchers at Fox-IT. The attackers are spreading links to the malicious app via text messages and phone calls. “In order to deceive unsuspecting individuals into installing malware, the threat actors employ a hybrid attack using two SMS messages and a phone call,” the researchers write.

Researchers discover a new version of the Tycoon 2FA AiTM kit, a phishing attack disguises keylogger as bank payment notice, and TheMoon malware targets ASUS routers.

Over the years, we have seen a substantial amount of cyberattacks happening around the globe. The most infamous of them is the RaaS attack, which is taking over organizations of all sizes. An employee’s sheer negligence and lack of cybersecurity solutions put organizations at higher risk. In this article, we will share some tips that every organization needs to know in order to stay away from cyberattacks. Ransomware attacks have become prevalent in recent years and can happen to any organization.

On an ordinary day, you're casually surfing the web and downloading some PDF files. The document icons seem pretty legitimate, so you click without a second thought. But, to your surprise, nothing happens. A closer look reveals that what you believed to be a harmless PDF was, in fact, an executable file. Panic sets in as your settings lock up, and even accessing the task manager becomes impossible. Unknown pop-ups invade your screen, telltale signs of malware execution.

A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with malicious attachments. “The threat begins with a fake bank payment email designed to deceive recipients,” the researchers write.

Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans. This new campaign spotted by security analysts at BlueVoyant demonstrates how effective spear phishing can be — even when the phishing execution itself is relatively basic. According to the analysis, threat actors impersonate well-known law firms and send out PDF attachments with the filename "Invoice_.pdf." Simple enough, right?