Using little more than a well-known business name and a invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans. This new campaign spotted by security analysts at BlueVoyant demonstrates how effective spear phishing can be — even when the phishing execution itself is relatively basic. According to the analysis, threat actors impersonate well-known law firms and send out PDF attachments with the filename "Invoice_.pdf." Simple enough, right?

A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with malicious attachments. “The threat begins with a fake bank payment email designed to deceive recipients,” the researchers write.

New data shows organizations are well aware that their users are one of their greatest cybersecurity risks today, and yet aren’t taking the right steps to remediate the risk. KnowBe4 exists and continues to thrive because the human threat surface is far and wide. Email, text, web surfing, phone calls and crafty combinations therein all create somewhat unique attacks. In each of these instances, the user is relying on technology to stop the threat before the attack gets to them.

Analysis of a new initial access malware attack shows how simple these attacks can be while also proving that malware can reside on legitimate repositories. Security analysts at cybersecurity company Fortinet dissect the methods and actions taken by a new malicious Java-based downloader intent on spreading the remote access trojans (RAT) VCURMS and STRRAT.

The threat of novel malware is growing exponentially, making it more difficult for security solutions to identify attachments and links to files as being malware. According to BlackBerry’s new Global Threat Intelligence Report, the problem of novel malware has been continually growing over the last year. At the beginning of last year, BlackBerry was detecting new malware at a rate of just one per minute. By the next month, it was 1.5, 2.9 pieces per minute by August of last year.

A Phishing-as-a-Service (PhaaS) platform called “Tycoon 2FA” has surged in popularity over the past several months, according to researchers at Sekoia. The phishing kit is notable for its focus on bypassing victims’ multi-factor authentication measures.

A new report on the state of email security sheds some light on how organizations are viewing and approaching cyber insurance as they shift strategy toward being cyber resilient. The topic of cyber insurance has been covered quite a bit here on this blog. From when cyber insurance first began as a concept, to the challenges it poses for organizations looking as their last resort after an attack, to changes in insurance policy and law.

The FBI’s Internet Crime Complaint Center (IC3) newly-released Internet Crimes Report provides an unbiased big picture of the cyber crimes that were the most used and most successful. A few weeks ago we covered the alarming trends on ransomware, and FBI’s IC3 division took in over 880,000 complaints last year from individuals and businesses about every cyber crime being committed. Unfortunately, the details on overall cyber crime show things are not improving.

New data shows increased expertise in leveraging and exploiting cloud environments. CrowdStrike’s 2024 Global Threat Report shows that targeted attacks on cloud environments have increased, signaling that the cybercrime economy has realized the “untapped market” of the cloud environment.