Phishing Attack Impersonates Law Firm

Infosecurity Magazine | October 03, 2018

Phishing Attack Impersonates Law Firm
Netskope's Threat Research Labs today revealed details about a newly discovered phishing cyber-attack targeting the client bases of a law firm in Denver, Colorado, and across the US. Using a PDF file decoy hosted in Azure’s Blob Storage service, the attacker sends the file as attachment to its targets. The decoy is linked to an Office 365 phishing page and has a Microsoft-issued domain and SSL certificate. Because these attachments are often synced automatically to cloud storage services through collaboration settings in a variety of popular software and third-party apps in a number of enterprises, the campaign is very difficult to detect. Traditionally, the PDF is delivered as an email attachment that appears to come from a legitimate source. It’s not uncommon for these attachments to be saved to a cloud storage service, such as Google Drive.

Spotlight

There are many reasons why organizations like yours should be critically concerned with application security. Applications are becoming increasingly pervasive as organizations grow and implement more powerful software to support business processes, product development and daily operations. In additi


Other News
DATA SECURITY

SCADAfence Partners with Keysight Technologies To Provide Visibility and Industrial Cyber Security for OT Infrastructures

SCADAfence | September 23, 2021

SCADAfence, the global leader in cybersecurity for Operational Technology (OT) & Internet of Things (IoT) environments, today announced a partnership with Keysight Technologies, Inc. (NYSE: KEYS), a leading technology company that delivers advanced design and validation solutions to help accelerate innovation to connect and secure the world, to amplify network visibility and cybersecurity to some of the world's most complex OT networks. This new partnership will help organizations gain better control over their industrial environments and detect malicious activities, reducing risk through continuous monitoring and proactive mitigation. As more critical network infrastr...

Read More

DATA SECURITY

LogPoint introduces native SOAR into core SIEM offering, advancing cybersecurity automation and efficiency

PR Newswire | September 22, 2021

LogPoint, the global cybersecurity innovator, announced the successful completion of its acquisition of Tel Aviv-based SecBI. SecBI's universal SOAR and XDR technology will integrate natively with LogPoint to form an integrated, foundational Security Operations platform. SOAR will be released with LogPoint 7.0 in December 2021, and XDR will be introduced in Q2 2022. "With the tidal wave of cyberattacks threatening businesses and societies across the globe, a disruption of the way organizations respond to cybersecurity incidents is required," said Jesper Zerlang, CEO LogPoint. "Building on LogPoint SIEM and UEBA to effectively detect threats, orchestration an...

Read More

DATA SECURITY

Cowbell Cyber Unites Cybersecurity Giants and Cyber Insurance Industry with Launch of Cowbell Rx

Cowbell Cyber | September 21, 2021

Cowbell Cyber, the industry's first AI-powered cyber insurance provider for small to medium enterprises (SMEs), today announced the launch of its cyber risk exchange marketplace, Cowbell Rx. Cowbell Rx closes insurability gaps by providing cyber insurance applicants with resources to meet eligibility requirements while also enabling active policyholders to continuously improve their organization's risk profile. This comprehensive list of partners is the first of its kind in the cyber insurance industry. Cyberattacks continue to proliferate and damage business operations, with predictions that new attacks will happen every 2 seconds by 2031. However, cybersecurity and c...

Read More

DATA SECURITY

Cynalytica Delivers New Solution to Help Combat Cyber Threats to Maritime Navigation and Communication Systems

Cynalytica | September 20, 2021

Cynalytica Inc. announces its SerialGuard AnalytICS Platform now offers monitoring, deep packet inspection (DPI) support, and intrusion detection for legacy NMEA protocols. Its latest extension provides enhanced situational awareness and security to vulnerable maritime Industrial Control Systems (ICS) through NMEA-specific packet evaluations, analysis, and intrusion detection capabilities. "In addition to the serious threats posed to their OT network, one of the maritime industry's biggest security challenges today is the protection of their navigation and communications systems from persistent cyber threats. Vessels are increasingly vulnerable to cyber attacks that c...

Read More

Spotlight

There are many reasons why organizations like yours should be critically concerned with application security. Applications are becoming increasingly pervasive as organizations grow and implement more powerful software to support business processes, product development and daily operations. In additi

Resources

Events