PhishMe Blog


Dyre Attackers Shift Tactics

BY PhishMe IN Internet Security Awareness

On December 4th, several employees using PhishMe’s Reporter Button for Outlook reported new waves of Dyre phishing. The email appeared normal at first, but further analysis showed that the attackers have made a big shift in order to remain hidden.


WordPress Phishing: Target of Cybercriminals Worldwide

BY PhishMe IN Phishing

WordPress phishing attacks are now commonplace, with the sites a target for cybercriminals worldwide. WordPress and phishing now go hand in hand. WordPress sites are being used by cybercriminals to obtain a wide range of sensitive data from users. In some cases, those sites are created by cybercriminals. In other cases, vulnerabilities in WordPress sites are leveraged and new content is created – content that captures users’ information. Exploit kits that download malware are also loaded onto the sites. Today’s technical press was full of headlines about the recent WordPress updates – eWeek’s WordPress 4.01 Updates Millions of Sites for 8 Flaws…


Cridex Malware Authors Warn Lloyds users of Dyre

BY PhishMe IN Malware Analysis

PhishMe malware researchers have been helping you protect your network by sharing information about the Dyre Trojan and Cridex malware on a daily basis for several months; however, in that time we have not seen any actions as bold as those used by the Cridex malware authors today. Dyre is the current top banking Trojan being distributed by email, and it poses a significant threat to businesses and consumers. The Trojan steals credentials and the attackers use that information for financial fraud. Threat Analyst Neera Desai let us know about this new threat from today’s Cridex attack, which uses a malicious Microsoft…


Three Ways Reporter Can Enhance Your Incident Response Process

BY Scott Renna IN Cyber Incident Response

Most of us have been in an airport and heard the announcement over the loudspeaker: “If you see something, say something.” The airport has security personnel; however, their agents cannot be everywhere at once. They collectively rely on travelers passing through the airport to be their eyes and ears in places agents cannot be. In this way, as an airport traveler, you are a “sensor” watching for, detecting, and alerting on suspicious behavior such as unoccupied luggage. What does this have to do with information security? Just as passengers can help prevent an incident in the airport by reporting…


Two Attacks… Two Dyres… All Infrastructure

BY PhishMe IN Internet Security Awareness, Threat Intelligence

Over the last few days, we have seen two waves of Dyre. The attackers have changed things up a bit and made it harder to analyze. By using memory forensics techniques, we took a peek into their command and control (C2) infrastructure. The #1 rule of memory forensics…everything has to eventually be decoded, and we’re going to use this to our advantage. Here’s a quick look at the waves of emails we received. (Figures 1 and 2)


Attackers Go Back to School: Phishing From .edu Leads to ZeuS

BY PhishMe IN Internet Security Awareness

On October 28th, several of our employees reported a wave of suspicious emails. The most peculiar of the bunch originated from an American university. Here is a screenshot of the phishing email:
