Another ransomware tool has been added to the ever-growing encryption ransomware market with the introduction of the Bart encryption ransomware. Named by its creators in its ransom payment interface as well as in the extension given to its encrypted files, the Bart encryption ransomware has leveraged some distinctive mechanisms for delivery during its early deployments. Furthermore, this ransomware shares some interface elements that evoke the same look and feel used by the Locky encryption ransomware ransom payment interface. In many ways the Bart encryption ransomware is a very mainstream encryption ransomware in both the files it targets for encryption (a...
While perusing reddit.com, a well-known social hotbed of ‘intellectual superiority’, I came across the following string: *sigh* Asked by the boss man to phish the team… What I discovered is what appears to be a never-ending lamentation on the ‘uselessness’ of phishing tests. I couldn’t agree more. Phishing ‘tests’ are indeed useless.
PhishMe is proud to announce it has been honored as the best large company to work for in the Washington, D.C. area, following a prestigious annual employee engagement survey. The Washington Business Journal ranked PhishMe #1 in the ‘large companies’ category, the first time the organization has been honored with the title, having surveyed 85 local firms.
Any hopes, however remote, that 2016 might bring relief from the troubling phishing trends prevalent in 2015 have been conclusively dashed by a thorough analysis of malware threats in the first quarter of this year. Not only has phishing intensified, but it’s also increasingly used to deliver ransomware.
Global leader in enterprise phishing defense and intelligence unveils highly anticipated update to help organizations resist Ransomware, Business Email Compromise (BEC) and other timely threats
LEESBURG, VA – London, UK – June 8, 2016 – PhishMe Inc., the leading provider of human phishing defense solutions, announced today the integration of critical content into PhishMe Simulator™ to help prepare employees for trending phishing attacks and damaging payloads. The Active Threats update allows operators to quickly utilize phishing templates based on current real-world attacks that are targeting organizations, such as Business Email Compromise (BEC) and Ransomware. Simulating these types of attacks ensures...
Today, our research team released our 2016 Q1 Malware Review, detailing more than 600 Active Threat Reports and the waves of phishing emails that delivered malware to victims across the globe each day last quarter. Among the sea of threats reported, the proliferation of ransomware stood out as one of the most common types of malware used through soft targeting and massively distributed attacks.
New Tactic Bypasses Existing Security Controls – Most Recent PayPal Phish Reveals Stealthy HTML Attachment
May 25, 2016 by Heather McCalley in Phishing
Incident response is always a cat and mouse game. Organizations spend heavily on people and technology to help protect their enterprise, while threat actors continue to find new and unique ways to bypass those controls. We’ve seen this trend continue over time, whether it be with the shift to MHTML files by Locky or the delivery of malicious PowerPoint show files. The PhishMe intelligence team has noticed another change, this one by the actors who are phishing for login credentials, and their tactics reveal that they are actively working to bypass security controls.
In another highly visible ransomware event, TechCrunch recently reported that Congress was warned about ransomware attacks that were impacting the House of Representatives. While ransomware is by no means new, Congress was warned that these attacks were personalized and are specifically targeting third-party email services such as Yahoo or Gmail. Additionally, Congress was warned that their machines could be encrypted by simply clicking the link within the message.
Reuse of infrastructure supporting malware distribution is a well-documented characteristic of online crime and a key way to track and classify threat actors. While it may seem simplistic for monitoring threat actor activities, the IP addresses, domains, hostnames, and URLs contacted by malware tools betray a significant amount of information about threat actor groups. For some malware attacks, it’s possible to determine the threat actor’s identity based on the infrastructure used, but, other times, the lines are blurred because some organizations harbor cyber criminals.