phishing

4 min read

This post was authored by Earl Carter. Attackers are constantly looking for ways to monetize their malicious activity. In many instances this involves targeting user data and accounts. Talos continues to see phishing attacks targeting customers of multiple high profile financial institutions.  In the past couple of months, we have observed phishing attacks against various […]

5 min read

This post was authored by Nick Biasini, Alex Chiu, Jaeson Schultz, and Craig Williams. Special thanks to William McVey for his contributions to this post. Table of Contents Overview WHOIS Privacy Protection Why Does This Exist The Issue Implications for the Good/Bad Guys Current State and Mitigations Disclosure Timeline Conclusion Footnotes Overview In mid-2013, a problem […]

2 min read

2014 was a terrible year for corporate data breaches. If there is to be any silver lining, information security professionals must draw lessons from the carnage. A good place to start is to identify common denominators. Several of the most damaging incidents started with phishing emails into office (or contractor) networks. Social engineering has gotten […]

2 min read

If you read the recently released Cisco Annual Security Report, you will have learned how spammers have adopted a “Snowshoe” strategy, using a large number of IP addresses with a low message volume per IP address, to send spam, preventing some spam systems from sinking the spam. This yielded a 250 percent increase in spam […]

1 min read

Researchers from the Cisco Talos Security Intelligence and Research Team recently discovered an elaborate attack dubbed the String of Paerls. The attack, a combined spearphishing and exploit attempt, was able to bypass most antivirus engines and used a targeted phishing email that included a malicious Word document attachment. Upon opening the Word attachment, a macro downloaded […]

4 min read

Overview Phishing attacks use social engineering in an attempt to lure victims to fake websites. The websites could allow the attacker to retrieve sensitive or private information such as usernames, passwords, and credit card details. Attacks of this kind have been around since 1995, evolving in sophistication in order to increase their success rate. Up until now, […]

1 min read

This post has been coauthored by Joel Esler, Craig Williams, Richard Harman, Jaeson Schultz, and Douglas Goddard  In part one of our two part blog series on the “String of Paerls” threat, we showed an attack involving a spearphish message containing an attached malicious Word doc. We also described our methodology in grouping similar samples based on Indicators of Compromise: static and […]

5 min read

This post was co-authored by Jaeson Schultz, Joel Esler, and Richard Harman.  Update 7-8-14: Part 2 can be found here This is part one in a two-part series due to the sheer amount of data we found on this threat and threat actor. This particular attack was a combined spearphishing and exploit attempt. As we’ve seen in the past, this […]

3 min read

In recent weeks, the volume of malicious email carrying attachments has increased substantially. To entice recipients into opening those attachments, attackers are employing pitches across a wide range of subjects.  In doing so, they are defeating the often doled out advice to not open attachments in email received unexpectedly. One of the more striking examples […]