Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BlueVoyant investigated the latest Oyster malware attacks, delivered in a widespread campaign targeting IT professionals by impersonating legitimate IT tools. The campaign was originally discovered by outside researchers, but when BlueVoyant’s SOC observed suspicious behavior in a client environment within the healthcare sector, the team, including the Threat Fusion Cell (TFC), decided to delve deeper.

A recent investigation by BlueVoyant’s threat analysts has uncovered a sophisticated phishing campaign exploiting the Weebly.com platform to create fraudulent websites targeting small to mid-sized banks and financial institutions across the United States. This campaign stands out for its widespread scale and diffusion. Over the past few months, BlueVoyant has identified hundreds of phishing websites targeting more than 200 American banks and financial institutions.

As organizations rapidly embrace generative AI tools like Microsoft 365 Copilot to boost productivity and innovation, a critical question emerges: Is your data fully protected against today's accelerating and deepening threat landscape? The integration of generative AI tools (such as Microsoft 365 Copilot) into daily workflows brings unprecedented opportunities to enhance productivity. Yet equally unprecedented risks to your organization's most sensitive information.

The BlueVoyant Security Operations Center (SOC) recently responded to a client’s user accessing a potentially malicious link that further research identified as part of a recent, robust campaign aimed at stealing Twilio SendGrid credentials. The attack was investigated by BlueVoyant’s Threat Fusion Cell (TFC) to understand how it can bypass email filters, and how it likely targeted IT departments.