Phishing volume in 2021 continues to outpace last year by 22%, according to PhishLabs Quarterly Threat Trends & Intelligence Report.
Digital Risk Protection (DRP) continues to gain momentum and attention among CISOs and security professionals. DRP, an operational security function once classified under Threat Intelligence (TI), has been elevated by the Gartner Hype Cycle and other analyst research as an emerging security function that security teams rely on to address multiple external cyber threat use cases.
As Phishing attacks get more sophisticated on the social engineering front, so to does the technology and techniques behind keeping them online longer.
Verizon's annual Data Breach Investigations Report has just been released. What does it have to say about Phishing?
Mobile malware BankBot Anubis recently began using Chinese characters to encode C2 information and added Telegram as a method for distributing C2 communications. This post details these changes.
As more websites obtain SSL certificates, the number of potential HTTPS websites available for compromise increases.
Find out how URL pattern analysis can dramatically reduce the time and energy required to produce actionable phishing intelligence
A deep-dive malware analysis of the Qadars Banking Trojan and how it works.
The ease of buying low cost, pre-built tools broadens the range of potential targets in BEC attacks. This blog discusses one of these tools - Olympic Keylogger.
Last week, researchers at Proofpoint reported an attack campaign, which was dubbed “Smash & Grab," targeting customers of JP Morgan Chase. Based on intelligence from the Phishlabs R.A.I.D. (Research, Analysis, and Intelligence Division), the “Smash & Grab" operations have been active since at least mid-June. The attacks use email messages to direct potential victims to a phishing page. Visitors to the phishing page are also exposed to an exploit kit that abuses software vulnerabilities to infect victims with malware.