Proofpoint protects your people, data and brand against advanced cyber threats and compliance risks. Follow @threatinsight for updates on the threat landscape.
Proofpoint researchers found a new #malicious 3rd party #OAuth app campaign that abused the #Microsoft “verified publisher” status to bypass restrictions.
Observed impact: App impersonation. Compromised mailboxes. Data exfiltration. Brand abuse.
Blog:
Our @threatinsight researchers have tracked a recent rise in campaigns abusing #Microsoft #OneNote.
This graph breaks down the wide variety of #malware distributed using this method. AsyncRAT tops the list, with familiar suspects Agent Tesla and Qbot also appearing.💡
Proofpoint @threatinsight researchers shared findings on a new malware strain that is distributed via bogus installation packages of the Bitwarden password manager. @TheHackersNews covered the analysis of this malware named ZenRAT.
Qbot affiliates including TA570 and TA577 have all taken at least a month off over the summer in the past three years.
TA577, one of the largest #Qbot affiliates, delivered its last campaign to date on 21 June.
⚡️Threat Actor Spotlight: TA2715⚡️
TA2715 is a financially motivated threat actor we’ve been tracking since September 2019. The group is notable for using Microsoft Excel documents that exploit a vulnerability in Excel’s Equation Editor to deliver their malware payloads. 🧵1/4
Cyber criminals have been experimenting with new #malware delivery techniques ever since #Microsoft started blocking #Excel #macros.
In January, Proofpoint saw a massive increase in the number of campaigns using #OneNote.
Follow @threatinsight for more threat landscape updates.
Have you ever wanted to step into the mind of a threat actor? On Wednesday Aug. 10, Sherrod DeGrippo, VP of Threat Research and Detection, and Kelsey Merriman, Threat Researcher, will help you do just that.
This is a #BHUSA session you won't want to miss.
⚡️Threat Actor Spotlight – TA544: Ursnif Love in the Air⚡️
TA544 is no stranger to #Ursnif. This financially motivated group has distributed the banking #malware in high-volume campaigns for several years. But in a recent campaign, we noticed TA544’s lures taking an unusual turn…
As part of making the #internet a safer place, we are offering ETPro at no cost as part of our partnership with the Open Source network #security platform OPNSense.
⚡️Threat Actor Spotlight: TA2541 ⚡️
#TA2541 is a persistent cybercriminal actor that distributes various remote access trojans (RATs) targeting the aviation, aerospace, transportation, and defense industries, among others.
Can countering human thought processes help orgs build more resilient defense models against attacks? Find out at #BHUSA as Proofpoint threat research experts @sherrod_im and @k3dg3 dive into the mind of a #threatactor.
Learn more about this session at .
The UK is the most likely country to pay cyber-criminals after #ransomware attacks. Recent #Proofpoint research shows that 82% of UK companies paid hackers to get their data back, against a global average of 58%, via @BBCNews and @joetidy. #CyberAware
Proofpoint has entered into a definitive agreement to acquire @Tessian, an innovator in the use of advanced #AI to automatically detect and guard against both accidental #dataloss and evolving #email threats.
Read the announcement:
To stay ahead of #hacker, become one. At #GSX2022, @sherrod_im will share how to build a #malicious threat campaign and the steps needed to create and send a #malware campaign for profit.
Inhabit the threat actor’s mind and become a better defender:
Proofpoint threat researchers have observed a new VB6 downloader that abuses cloud services in the wild that we and other researchers are calling #GuLoader.
Proofpoint threat researchers have observed the adoption of a novel and easily implemented phishing attachment technique by APT threat actors in Q2 and Q3 of 2021. This technical blog shares more.
#CyberSecurity #InfoSec #ThreatActors
Proofpoint is thrilled to announce that Ashan Willy has been named CEO, effective immediately, after unanimous board approval. 🎉
We are excited to continue delivering world-class products and excellent customer experience under his leadership.
What You Need to Know About Iranian #CyberAttacks: #Proofpoint Senior Director of Threat Research and Detection Sherrod DeGrippo discusses Iran’s advanced persistent threat (APT) program and what it means for your organization. #CyberSecurity
We've seen a range of known cyber criminals use HTML smuggling. While much of the activity can’t be readily attributed, high-volume threat actors #TA570 and #TA577 are the most prominent in our data.
More @threatinsight ➡️ . #cybersecurity
.@Sleuthcon is poised to start strong, with Selena Larson's presentation on the collision of APTs and cybercrime first on the agenda!
Join her as she argues that some of the most successful cybercriminals are the most persistent and sophisticated threats.
⚡️Search-ms URI protocol abuse⚡️
The Windows search protocol has recently emerged as a new vector for #malware delivery. Attackers are abusing the “search-ms” URI protocol handler to locally display malicious files hosted on a remote server.
Congratulations to @ederouet Senior Director of International Corporate Communications @proofpoint on being named one of London's Top 100 B2B #Marketing Influencers:
A new malware called Latrodectus has been spotted by researchers at Proofpoint & @teamcymru_S2.
With similar infrastructure and operational overlaps, the teams believe that the developers of #IcedID are behind Latrodectus.
Learn more in BleepingComputer.
The World Economic Forum ranked cyber-attacks and #databreaches second only to natural disasters and extreme weather in terms of risk, the protection of data is a priority no one can ignore. #DataPrivacyDay #PrivacyAware
📥 Email subject lines - “About a role” - “Job Application” - New version of #AZORult stealer improves loading features, spreads alongside #ransomware in new campaign. #Malware