Cofense Launches MSSP Program to Provide Essential Phishing Defense Capabilities to Small and Midsized Businesses

Program will provide global MSSPs world-class, human-driven anti-phishing offerings that increase attack resiliency and speed response times to stop phishing in its tracks

LEESBURG, VA. – January 16, 2019 – Today Cofense™, the leading provider of human-driven phishing defense solutions world-wide, launched its Managed Security Service Provider (MSSP) program to provide small and medium-sized businesses (SMBs) across the globe with essential human-driven phishing defense solutions designed to stop active phishing attacks. SMBs are highly susceptible to phishing attacks, and often lack the resources necessary to stop advanced threats. In response, Cofense has partnered with a targeted group of elite service providers to provide their customers the dedicated resources required to strengthen defenses, build attack resiliency and ultimately stop real attacks in progress.

Exploiting an Unpatched Vulnerability, the Ave_Maria Malware Is Not Full of Grace

CISO Summary

CofenseTM has seen a rise in phishing campaigns designed to deliver a type of stealer malware called Ave_Maria. It contains a capability, DLL hijacking, that uses a vulnerability with no forthcoming fix. With origins in a publicly available utility, DLL lets Ave_Maria gain greater admin privileges and avoid detection, then steal information so it can download additional plugins and potentially other payloads. This malware can bypass detection and privilege restrictions on many endpoints.

The Vjw0rm Malware Does It All. Here’s What to Watch For.

CISO Summary 

It’s called the Vengeance Justice Worm (Vjw0rm), but think of it as the Leatherman tool of malware. Vjw0rm wreaks havoc in highly versatile ways: information theft, denial of service (DoS) attacks, and self-propagation to name a few. CofenseTM has spotted this hybrid threat—a cross between a worm and a remote access trojan (RAT)—in a recent phishing campaign dangling a banking lure.   

In 2018, Cheap and Easy Malware Flooded Corporate Inboxes

CISO Summary

Sometimes it’s the simple things that make life hard. In 2018, over 2/3 of unique malware campaigns Cofense IntelligenceTM observed were simple, inexpensive “stealers” or remote access trojans (RATs). With exceptionally low barrier-to-entry—an email account or website can handle distribution and communication—these malware types make data theft a viable career choice for threat actors without the skills to use more advanced varieties.