Reported phishing emails are useful for plenty of reasons. They help you measure cyber risk, study common attack trends, and even provide inspiration for your own phishing simulations. One of the security functions that benefit most from reported phishing emails is threat hunting, the process of identifying threats quickly so they can be contained before any major damage is done. Reported...

Let's be honest, employees make mistakes. And sometimes those mistakes have catastrophic consequences. Everybody has heard stories about people accidentally leaving an unencrypted work laptop on the train, or on the seat of their car. Heck, on a busy day we could even imagine ourselves doing it. But with industry regulators finally starting to find their teeth — and the GDPR is now in full...

Each day the average person spends around 135 minutes on social media. We know what you're thinking. That's a heck of a lot of time spent liking things, laughing at memes, and watching baby animal videos. But it's not all fun and games. In today's world we are more connected than ever, and social media platforms encourage us to share what was once private information in a very public way....

Ransomware. The word strikes fear into the hearts of hospital administrators, local government officers, and small business owners everywhere. After exploding in 2016, ransomware has been covered extensively by media outlets and security experts, to the point where most organizations have started to take at least some action to mitigate their exposure. But have these efforts had any impact?...

So here it is… the first one you've received. Everything has been building up to this. You spent days preparing the business case, weeks designing the training program… and it's finally paid off. The first user-reported phishing email has hit your inbox. Now… what should you do with it? Time is of the Essence Reported phishing emails are good for a lot of reasons. For starters, they can...

On Friday, March 23, nine Iranian threat actors were indicted for stealing massive quantities of data from universities, businesses, and governments all over the world. If you've been following our blog (or the news), you already know the actors are associated with an organization called the Mabna Institute, and are responsible for stealing more than 31 terabytes of data over the past four and...

A newly observed variant of BankBot has been discovered masquerading as Adobe Flash Player, Avito, and an HD Video Player. This variant, now detected by PhishLabs as BankBot Anubis, was first identified on March 5, 2018. BankBot Anubis takes mobile threats to the next level incorporating ransomware, keylogger abilities, remote access trojan functions, SMS interception, call forwarding, and...

You receive an email, you are unfamiliar with the sender's name or email address, and they are offering you a new service or deal on something. Is it malicious? Not necessarily. Perhaps you forgot about signing up for a newsletter a while back. Malicious Versus Benign According to Symantec, 55.5 percent of business emails are considered spam emails, with the average business account getting...

The push for more widespread adoption of HTTPS has been in full-force this year as a way to increase the number of websites that securely transmit information on the Internet. In January, both Chrome and Firefox browsers began alerting users whenever sensitive information, such as passwords or credit card information, was entered on a non-HTTPS web page. In October, Google took this a step...

'Tis the season for shopping, time spent with friends and family, and preparations to celebrate the holidays. As most of us plan for the coming season, cyber criminals are looking for opportunities to catch victims off guard and steal valuable personal information. People looking to supplement their gift-giving budget with a seasonal holiday job should take a close look at job listings before...

A Java-based Adwind Remote Access Trojan campaign has been observed sending spam emails containing a malicious JAR file under the guise of “Request For Quotation,” “Transfer Import,” “Swift Copy,” “Proforma Invoice,” “DHL Delivery Notification” and many others. Adwind, also known as jRAT and JSocket, is a cross-platform remote access tool designed to run on Mac OS, Windows, Linux, and Android...

All through October, in aid of National Cyber Security Awareness Month (#CyberAware) we’re putting phishing under the microscope. In each post we’ll take a close look at one specific type of phishing, including the actors responsible, who it targets, and how/why it works. Today, we’re a true phishing classic: Nigerian 419 scams. We've put the 15 best practices for spotting and handling...

All through October, in aid of National Cyber Security Awareness Month (#CyberAware) we’re putting phishing under the microscope. In each post we’ll take a close look at one specific type of phishing, including the actors responsible, who it targets, and how/why it works. Today, we’re exploring one of the most audacious phishing tactics: Business email compromise (BEC) also known as CEO scams....

Nation states. Hacktivists. Cyber criminals. There are so many players in the modern threat landscape it can be hard to keep up. And the number of threats? Practically too many to count. By the time you’ve secured your organization against password reuse, DDoS, and crimeware attacks, your resources are likely so diminished there’s no point even thinking about what else could be out there. ...

The fact that hackers are increasingly targeting mobile devices isn’t exactly a secret. And really, it’s not surprising either. After all, most of us are practically glued to our smartphones throughout the day. An SMS arrived? Better read it straight away. New email? Let me at it. Somebody I don’t care about updated their Facebook status? Great, let’s see what they’re up to. The...

When you’re attempting to mitigate the risk of phishing, threat intelligence plays a vital role. After all, what better way to predict and intercept future phishing attacks than by analyzing past attacks for patterns and indicators? This post is the second in a series breaking down lessons learned from our recent consumer-focused phishing webinar. In the first post we covered the value of...

In the last post, we took a look at the logistical and human issues surrounding the setup of a new security operations center (SOC). And while having a mission, the right people, and a physically secure location are all vital to the success of a new SOC, there are many more things to consider before you can jump in and get started. In this post, we’re going to take a closer look at the...

There’s a certain mystique and excitement surrounding the idea of a security operations center. It puts your in mind of a mission control style room, possibly in an underground bunker, where people in uniforms shout orders and spend all their time responding to imminent threats. And in a world where cyber attacks have become a daily reality, and even midsize organizations are forced to...