Products
Products
Response
Intelligence
About Cofense
About Cofense
Leadership

Cofense Phishing Prevention & Email Security Blog

STAY CURRENT ON INDUSTRY TRENDS & COFENSE NEWS

Customized Phishing Simulations Keep You “Left of Breach”

September 18, 2017 by Cofense in Cyber Incident ResponseInternet Security AwarenessPhishing

Part 3 in a series on being “Left of Breach” in the Phishing Kill Chain. In part 2 we looked at Self-Enumeration, assessing security and business process gaps that phishing attackers exploit. It’s the first step in being “Left of Breach” (see figure below), the process that builds a proactive phishing defense strategy.

READ MORE

Phishing Incident Response: Get Started in 3 Steps

September 15, 2017 by Cofense in Cyber Incident ResponseInternet Security AwarenessPhishing

So, you want to improve your response to phishing threats? Smart idea. PhishMe®’s recent report on phishing response trends shows that phishing is the #1 security concern, but almost half of organizations say they’re not ready for an attack.

READ MORE

Identity Crisis – The Real Cost of a PII Data Breach

September 12, 2017 by Cofense in Cyber Incident ResponseInternet Security AwarenessPhishing

As the success of phishing attacks continues to broaden and gain traction in the modern news cycle, it’s important that we understand the differences in impacts based on the type of breach.

READ MORE

Catching Phish with PhishMe Intelligence and ThreatQ

September 12, 2017 by Cofense in PhishingCyber Incident ResponseThreat Intelligence

PhishMe IntelligenceTM Integrates with ThreatQuotient’s ThreatQ Platform Swimming in a sea of threat intelligence indicators and services, security teams have been working towards effective ways to centralize, de-duplicate, and correlate massive amounts of threat data. The challenge, once this is done, is acting on what matters most. This requires intelligence, not just data.

READ MORE

To Get “Left of Breach,” First Know Thyself

September 11, 2017 by Cofense in PhishingCyber Incident ResponseMalware Analysis

Part 2 in a series on being “Left of Breach” in the Phishing Kill Chain. In part 1 of this series, we talked about getting front of data breaches by taking proactive steps—everything to the left of the bullseye in the figure shown here:

READ MORE

Human Phishing Defense Tackle Box – PhishMe Intelligence™ and IBM QRadar®

September 8, 2017 by Cofense in Cyber Incident ResponseInternet Security AwarenessThreat Intelligence

PhishMe® and IBM have teamed up to provide security operations with essentials for their phishing defense program. Security teams don’t want standalone security products; they need holistic security solutions and through partner integrations. That’s why PhishMe and IBM have partnered to help enterprise businesses defend against credential-stealing, malware, ransomware, and Business Email Compromise (BEC) phishing.

READ MORE

PhishMe Triage Catches and Mitigates a Phishing Attack on Day 1

September 8, 2017 by Cofense in PhishingCyber Incident ResponseMalware Analysis

BY JOHN TRAVISE AND NICOLAS OCTAVIANI PhishMe Triage™ immediately reveals an active, ongoing phishing attack against a new customer during a configuration and deployment.

READ MORE

NanoCore Variant Delivered Through UUE Files

September 8, 2017 by Marcel Feller in Phishing Defense CenterMalware AnalysisPhishing

Over the past few weeks, our Phishing Defense Center has observed several emails with malicious PDF attachments that prompt the user to download a .UUE file from Dropbox. UUE files (Unix to Unix Encoding) are files encoded with uuencode, a program that converts binary files to text format for easy transfer while still allowing for the files to be easily opened using Winzip or similar un-archiving applications. When file extensions are not displayed in Windows, the downloaded file looks like any other compressed file (as shown in Figure 1), which makes it harder to spot that this file is indeed...

READ MORE

Want to Get In Front of Breaches? Be Like the Marines.

September 5, 2017 by Cofense in Cyber Incident ResponseInternet Security AwarenessPhishing

Part 1 in our series on being “Left of Breach” in the Phishing Kill Chain. Too often in the information/cyber security industry, we focus our efforts on mitigation of breaches after they occur, relying on incident response teams to find the needles in the haystack. According to “Left of Bang: How the Marine Corps’ Combat Hunter Program Can Save Your Life,” (by Patrick Van Horne and Jason A. Riley; Foreword by Steven Pressfield) The Marine’s Combat Hunter training program works on this premise: by understanding what “normal” looks like, we are much more likely to recognize activities and behaviors that...

READ MORE

National Cybersecurity Awareness Month 2014

October 6, 2014 by Cofense in Internet Security Awareness

With National Cyber Security Awareness month (NCSAM) upon us, the national spotlight is on best practices to stay safe and protect your data online. Thanks to the support of the National Cyber Security Alliance, Department of Homeland Security, and the White House , the month of October will feature a number of initiatives designed to increase the knowledge base about cyber security issues with the general population and promote DHS’ “Stop. Think. Connect.” program to empower individuals to be safer online. PhishMe is proud to participate by being a 2014 NCSAM champion, and have made a number of resources available to...

READ MORE

Bash Vulnerability CVE-2014-6271 – Worm-able and Possibly Worse Than Heartbleed

September 25, 2014 by Cofense in Internet Security AwarenessThreat Intelligence

Post Updated 9/30/2014 Several months ago, the Internet was put to a halt when the Heartbleed vulnerability was disclosed. Webservers, devices, and essentially anything running SSL were affected; as a result, attackers were able to collect passwords, free of charge. With Heartbleed, the exploit made a splash and many attackers started to use the vulnerability. One of the more high-profile attacks of Heartbleed was the CHS attack, where the attackers siphoned 4.5 million patient records by attacking a Juniper device, then hopping onto their VPN. So how can something be bigger than Heartbleed? I’m glad you asked.

READ MORE

PDF Exploits: A Deep Dive

September 8, 2014 by Cofense in Internet Security AwarenessThreat Intelligence

On Friday, several of our users received phishing emails that contained PDF attachments, and reported these emails through Reporter. The PDF attachment is a slight deviation from the typical zip-with-exe or zip-with-scr; however, it’s still delivering malware to the user.

READ MORE

Four Ways Phishing Has Evolved in 2014

August 20, 2014 by Cofense in Threat IntelligenceInternet Security Awareness

Phishing isn’t exactly a new kid on the block. Phishing is one of the most common email-based threats. It is a tried and tested tactic that continues to deliver impressive results for cybercriminals. That’s why phishing continues to grow in popularity. In the month of June 2014 alone, phishing activities totaled $400 million in losses, which could be annualized at $102 million per year. While it has been around for years, phishing has evolved considerably and has increased in efficiency and effectiveness. In the last six months (as compared to 2013), we’ve seen several differences in the type, size and...

READ MORE

If it Looks Like a Phish, Acts Like a Phish, it Could Be Malware

August 20, 2014 by Cofense in Phishing

Most of us are familiar with the common idiom “If it looks like a duck, swims like a duck, quacks like a duck, then it is probably a duck.” Despite criminals’ constant efforts to change their techniques and tactics, this idiom usually holds true for online crime. Phishers have characteristic techniques in just the same way that malware writers and distributors employ specific tactics. These two don’t often overlap. However, when they do, it makes for a spectacularly effective attack. This week, PhishMe’s analysts uncovered spam emails distributed by the Cutwail spamming botnet using a new JP Morgan Chase spam...

READ MORE

An IRS Rebate That Isn’t Worth It: Phishing Tactics Repeat Themselves

August 13, 2014 by Cofense in Phishing

It’s about the time of year when people should be receiving tax refunds from the IRS, which gives attackers a great opportunity to craft phishing emails. PhishMe users recently reported a round of phishing emails purporting to be from the IRS about tax refunds:

READ MORE

Small but powerful — shortened URLs as an attack vector

July 31, 2014 by Cofense in PhishingThreat Intelligence

Using tiny URLs to redirect users to phishing and malware domains is nothing new, but just because it’s a common delivery tactic doesn’t mean that attackers aren’t using it to deliver new malware samples. We recently received a report of a phishing email from one of our users here at PhishMe that employed a shortened google URL, and led to some surprising malware. Through the power of user reporting, we received the report, discovered the malicious nature of the shortened URL, and reported the issue to Google – all within a span of 30 minutes. Google reacted quickly and took...

READ MORE

Phishing: Stop Paving the Cow Path

July 14, 2014 by Cofense in Phishing

Paving the cow path—why are we still using the same technologies to combat modern phishing attacks? When the city of Boston was new and unpaved, the city fathers decided against laying out a regular street plan. Instead, they merely paved the paths that had been worn by cattle. The results? A chaotic and inefficient street plan that lacks logic. The admonition not to “pave the cow path” is supposed to remind us not to enshrine an existing way of doing something. However, when combating phishing, the #1 threat vector in security*, we are paving the cow path. Let’s start with some facts about...

READ MORE

The E-ZPass Scam: More Information On This Week’s Attacks

July 11, 2014 by Cofense in Phishing

Earlier this week, reports surfaced about a new E-Z Pass scam. The spam campaign used the E-ZPass branding to fool recipients into visiting a malicious website. E-Z Pass is the electronic toll collection system used by several state departments of transportation. The E-Z Pass scam emails are likely to be sent to a large number of individuals who use the system, after all, the toll system is used in many cities. One of the emails we captured is shown in the image below. As you can see, the E-Z Pass scam emails use appropriate branding, and warn the recipient that...

READ MORE