On March 22nd, Cofense came across a rather unique malware sample that had a very low detection rate. At the time of analysis, the file was only detected by 5/61 AV engines. The detection rate did not reach 30% until at least a week later, as per VirusTotal: 38015eb1699b7596e8c95fed7f0bc32d1492b371bd4d7953019f69dcf40ff1fd.
Over the past few years, we have seen media attention drawn towards the length of our attention spans as related to our use of technology. Some reports claim a drop from 12 seconds to 8 seconds over the past decade, while others refute that data.
Back in 2008, Cofense™ (PhishMe®) pretty much invented the phishing awareness industry when we unveiled the first phishing simulation program for businesses. Cofense PhishMe™ made it easy to condition employees to recognize and report phishing emails and today, over 27 million (and counting) end users in 160 countries, including employees at half the Fortune 100, rely on our expertise.
Become the First Security Awareness Professional to be Fully Certified in Phishing Simulation Programs with Cofense
March 29, 2018 by phishme in Cyber Incident Response, Internet Security Awareness
Want to boost your anti-phishing and your professional creds? Now you can, in just a few hours and on your own schedule. Cofense™ is pleased to announce the Cofense PhishMe™ certification, the industry’s first and only professional certification for phishing simulation programs. It’s your chance to fully master Cofense PhishMe, our award-winning phishing awareness training solution, while becoming a certified expert in phishing simulation programs.
New additions to the TrickBot malware’s capabilities, observed by the Phishing Defence Centre, indicate that this malware tool is undergoing active development. The designers of this malware are still working hard to introduce new functionality, including a network worm component and a screen-lock module. The worm component utilises the leaked “EternalBlue” exploit for CVE-2017-0144 to propagate itself across networks that have yet to patch or discontinue the use of SMBv1. The deployment of the screen-lock module (which appears to be still in the early phases of development) gives the threat actors the ability to change the functionality of the malware...
Many gamers are unaware that they are either potential targets for mining botnets or that they may already be mining cryptocurrencies for cybercriminals. Why are gamers targets? Think about it. Mining requires a large graphics card (GPU), a dedicated Internet connection and an uninterrupted power source. Gamers use powerful and immersive, high-performing GPUs to stay online and play networked games without interruption. It’s the perfect recipe for crypto mining.
A regional healthcare provider started using Cofense PhishMe™ so employees could learn to recognize different types of phishing. At first, the company sent all employees simulated phishes that were tough to recognize. No surprise, susceptibility was high across the business.
Adding to a growing trend of phishing attacks wherein Windows and Office functionalities are abused to compromise victim systems, Cofense Intelligence™ has analyzed a recent campaign that uses the URL file type to deliver subsequent malware payloads. This file type is similar to a Windows LNK shortcut file (both file types share the same global object identifier within Windows) and can be used as a shortcut to online locations or network file shares. These files may abuse built-in functionality in Windows to enhance the ability of an attacker to deliver malware to endpoints. By abusing these built-in functionalities, threat actors...
Cofense Intelligence™ uncovered a resurgent Sigma ransomware campaign on March 13, 2018 following a noted three-month hiatus of the malware. Although many aspects of this campaign—including its anti-analysis techniques—are consistent with previously analyzed Sigma samples, its return is in and of itself atypical.
Rohyt Belani, CEO & Co-founder, Cofense
So far, it’s been a very exciting 2018 here at Cofense, with our recent acquisition and announcement of our new name and brand. We continued performing well as a company and launching numerous new features across our products.