Skip to main content
Author

Marie Mamaril

Cyber Threat Intelligence Analyst

Marie Mamaril works as a Cyber Threat Intelligence Analyst at Cofense responsible for the identification, analysis, and documentation of indicators and threat observables associated with credential phishing campaigns and malware-related threats to produce actionable intelligence for the Company’s intelligence platform. With over a decade of experience in Cybersecurity, her background spans SOC operations, incident response, security monitoring, threat hunting, identity and access management, and cloud security across global enterprise and cloud-native environments. Her experience includes supporting enterprise security operations through threat analysis, security monitoring, and incident investigation, while contributing to proactive defense initiatives through threat intelligence and incident response activities focused on strengthening organizational cyber defense capabilities.

Articles By

Marie Mamaril

3 posts

{{articles.featured.category.label}}
March 25, 2026

The Unintentional Enabler: How Cloudflare Services are Abused for Credential Theft and Malware Distribution

The blog explains how threat actors increasingly abuse legitimate Cloudflare services like Workers and Tunnels to host phishing pages, distribute malware, and evade traditional security defenses by leveraging Cloudflare’s trusted infrastructure. It details how attackers use these tools to create convincing credential-harvesting sites and covert malware delivery mechanisms, including RAT deployment through obfuscated connections and WebDAV-based techniques.

October 22, 2025

Unpacking the Phishing Script Behind a Server-Orchestrated Deception

A rare, highly sophisticated script is bypassing Secure Email Gateways by randomly rotating domains and dynamically swapping server-side pages to steal credentials and avoid detection. First detected by Cofense Intelligence in February 2025, the ongoing threat is delivered via malicious web pages and email attachments—underscoring the need for swift, smarter defenses.

April 29, 2025

Spain and Portugal Power Outages Spark a Surge in Phishing Attacks

Cofense Intelligence has seen an email campaign spoofing TAP Air Portugal, the Portuguese national airline. This specific campaign takes advantage of a headline about the April 28, 2025 nationwide power outage that occurred in Spain and Portugal. The emails were received while the power outage was ongoing.