Threat Actors Use Advanced Delivery Mechanism to Distribute TrickBot Malware

Threat actors’ consistent pursuit of improved efficiency is a key characteristic of the phishing threat landscape. One method for improving efficiency is to use a unique delivery technique that not only allows threat actors to distribute malware but also succeeds in evading anti-virus software and technologies.

Karo Ransomware Raises Stakes for Victims by Threatening to Disclose Private Information

A ransomware victim must have a compelling reason to go through the burdensome process of obtaining Bitcoin and paying the ransom. For many victims, the threat of permanently losing access to their files is enough. However, some ransomware authors and criminals seek to push victims harder by raising the stakes even further.

Threat Actors Continue Abusing Google Docs and Other Cloud Services to Deliver Malware

A key part of phishing threat actors’ mission is to create email narratives and leverage malware delivery techniques that reduce the likelihood of detection. By combining compelling social engineering with seemingly benign content, threat actors hope to bypass technical controls and to convince their human victims of a phishing email’s legitimacy. One method with a long history of use is the abuse of Google Docs file sharing URLs to deliver malware content to victims. Because Google Docs and other cloud services may be trusted within an enterprise, threat actors will continue to abuse file sharing services to possibly bypass firewalls and anti-virus technologies.

PhishMe Named a 2017 Greater Washington Area Top Workplace by The Washington Post

Leesburg, Va. – June 28, 2017 – PhishMe® (cofense.com), the leading provider of human-focused phishing defense solutions, announced today that it has been awarded a 2017 Top Workplaces honor by The Washington Post. The Top Workplaces lists are based solely on the results of an employee feedback survey administered by WorkplaceDynamics, LLC, a leading research firm that specializes in organizational health and workplace improvement. Several aspects of workplace culture were measured, including alignment, execution, and connection, just to name a few.

PhishMe Named a 2017 Best Place to Work by Washington Business Journal

Leesburg, Virginia – June 26, 2017 – PhishMe® (cofense.com), the leading provider of human-focused phishing defense solutions, today announced it has been honored for the second consecutive year as a Best Place to Work in the Washington D.C area by Washington Business Journal following an annual employee engagement survey. The Washington Business Journal ranked PhishMe 5th in the ‘large companies’ category.

PhishMe CEO and Co-Founder, Rohyt Belani, Named a 2017 Washington Business Journal 40 Under 40 Honoree

Leesburg, Virginia – June 22, 2017 – PhishMe® (cofense.com), the leading provider of human-focused phishing defense solutions, today announced that co-founder and CEO Rohyt Belani has been named to the Washington Business Journal’s 2017 “40 Under 40” list. The 40 Under 40 program honors Greater Washington’s top business leaders and owners under 40 years of age who exhibit outstanding performance in their field. Honorees were chosen from more than 450 nominations by a panel of outside judges and the Washington Business Journal staff, and each honoree will be recognized at an awards ceremony being held on July 20, 2017 at Nationals Park in Washington, D.C.

Tracking and Mitigating Zyklon Phishing Using Threat Intelligence and Yara

The Zyklon HTTP Botnet malware is a tool that is readily accessible to threat actors in online criminal marketplaces and has been observed in use for various criminal activities. Among its features is the ability to log the keystrokes typed by a victim as well as to collect other private or sensitive information, and one of the most notable uses for Zyklon has been as a downloader and delivery tool for the Cerber encryption ransomware. Over a dozen unique campaigns to deliver this malware have been identified and reported by PhishMe Intelligence and it represents one of the most rapidly-growing constituents on the threat landscape. Each time the Zyklon malware is identified, it has followed a relatively-straightforward and mainstream method for infecting victims. With only one exception, Zyklon has been delivered using Microsoft Word documents with hostile macro scripting used to deliver the botnet malware payload.

PhishMe’s Rohyt Belani Named Entrepreneur of The Year® 2017 Award Winner in Mid-Atlantic Region

Leesburg, Virginia – June 16, 2017 – PhishMe® (cofense.com), the leading provider of human-focused phishing defense solutions, today announced that CEO and co-founder Rohyt Belani received the EY Entrepreneur Of The Year® 2017 Award in the Security category in the Mid-Atlantic region. The award recognizes entrepreneurs who are excelling in areas such as innovation, financial performance and personal commitment to their businesses and communities. Rohyt Belani was selected by an independent panel of judges, and the award was presented at a special gala event at the Ritz-Carlton, Tysons Corner in McLean, Virginia on June 15, 2017.  

PhishMe® Files Second Intellectual Property Enforcement Action Against Wombat Security Technologies, Inc.

Leesburg, VA – June 16, 2017 – PhishMe Inc., the leading provider of human-phishing defense solutions, announced today that it has filed a second patent infringement lawsuit against Wombat Security Technologies, Inc. (“Wombat”) in the United States District Court for the District of Delaware. PhishMe’s complaint alleges that Wombat infringes PhishMe’s U.S. Patent Nos. 9,591,017 (the ’017 Patent) and 9,674,221 (the ’221 Patent). A copy of the complaint is available here. PhishMe previously initiated a patent infringement lawsuit against Wombat in 2016. In that lawsuit, which remains pending, PhishMe asserts that Wombat infringes U.S. Patent No. 9,398,038 (the ’038 Patent). In both lawsuits, PhishMe alleges that Wombat’s ThreatSim, PhishAlarm, and PhishAlarm Analyzer solutions illegally use PhishMe’s patented technology.