Custom I2P RAT “I2Parcae” Delivered via Pornographic Customer Support Form Spam
A customer support contact web form spamming campaign delivering a newly distributed Remote Access Trojan (RAT) was seen a few days ago. Cofense Intelligence is tracking this new malware family as “I2Parcae”. This RAT is notable for having several unique tactics, techniques, and procedures (TTPs), such as Secure Email Gateway ... Read More
Cofense Intelligence Identifies U.S. Presidential Assassination-Themed Phishing Campaign
The Cofense Intelligence team discovered a credential phishing campaign falsely claiming that President-elect Donald Trump was assassinated. These emails, targeting the professional services and mining sectors, impersonate The New York Times. The link embedded in the email leads to a credential phishing page that spoofs the victim’s company ... Read More
Utilizing Human Intelligence at Scale in Email Security: The Key to Closing the AI Security Gap
When it comes to email security, AI-based filtering tools are a great resource, but they are not an infallible solution. Attackers are also evolving, taking advantage of easily accessed AI and ML tools to craft deeply researched and highly targeted phishing campaigns that can bypass both traditional and ML model-based ... Read More
Keys to Defending Against AI Phishing Threats
AI-powered phishing threats are a formidable adversary for security operations teams worldwide. Our recent webinar, "Defending Against the AI Phishing Threat," highlighted the growing sophistication of these threats and shared strategies to protect your organization. Below are some key insights from the discussion, offering a comprehensive guide to fortifying defenses ... Read More
Hidden in the Crowd: The Risk of Group-Delivered Malware
In most cases, threat actors make use of one or more delivery mechanisms to place a single malware sample on a victim’s computer. This is because most of the time only that one file is needed to completely compromise a computer and, in many cases, other computers on the same ... Read More
PythonRatLoader: The Proprietor of XWorm and Friends
The Cofense Phishing Defense Center (PDC) has uncovered a sophisticated attack that leveraged multiple layers of obfuscation and evasion techniques to distribute and execute VenomRAT. However, this attack campaign didn’t end with VenomRAT because the subsequently loaded plugin continued to deploy various types of malware into the victim’s environment ... Read More
More Than Just a Corporate Wiki? How Threat Actors are Exploiting Confluence
Recently, the Cofense Phishing Defense Center (PDC) has seen an increase in malicious emails utilizing legitimate third-party business software to evade detection while maintaining a high level of deception. In this instance, the collaboration and project management platform Atlassian is being used to host malicious content via their domain, in ... Read More
Cofense announces Client-Specific Privacy-Assured AI Spam Filtering
New advancements to the Cofense Phishing Detection and Response (PDR) platform improve visibility of dangerous email-based threats helping SOC teams respond faster ... Read More
How Virtual Hard Drive Files are Bypassing your Secure Email Gateway & AntiVirus Scanners
While virtual hard drive files like .vhd and .vhdx are typically used for virtual machines, they can also be opened in Windows to mount the virtual image as if it were a physical volume. Recently, threat actors appear to be avoiding detection from Secure Email Gateways (SEGs) and commercial antivirus ... Read More
Cofense PhishMe Named Best Email Security Solution of the Year
Cybersecurity Breakthrough Awards’ recognition highlights Cofense PhishMe’s leadership in combining AI, ML, and human intelligence to combat advanced phishing attacks. ... Read More
