Locky or TrickBot? Depends Where You Are. Malicious Payload Delivery Tailored by Geographic Location

BY NEERA DESAI AND VICTOR CORNELL

It is not uncommon for threat actors to deploy malicious payloads from multiple malware families during a single phishing campaign. These malware tools may include ransomware, a financial crimes trojan, or other botnet malware. However, it is not as common for those attackers to deploy different malware tools based upon the geographic location of their victim.

Endpoint Phishing Incident Response with PhishMe and Carbon Black

Hunting Phished Endpoints with PhishMe Intelligence™ and Carbon Black® Response

While sipping coffee and reading the morning headlines, the CISO notices a global mass-phishing campaign that took place overnight. Picking up the phone and calling the SOC, the CISO asks; “Are there any computers that may have been infected with ‘X’ that I read about this morning? I need answers before my meeting in an hour”.

Catching Phish with PhishMe Intelligence and ThreatQ

PhishMe IntelligenceTM Integrates with ThreatQuotient’s ThreatQ Platform

Swimming in a sea of threat intelligence indicators and services, security teams have been working towards effective ways to centralize, de-duplicate, and correlate massive amounts of threat data. The challenge, once this is done, is acting on what matters most. This requires intelligence, not just data.