About Cofense
About Cofense
FAQs for PhishMe Submerge
Registration & Event Information How do I register? Please use the…
Learn More
Free Tools
Free Tools
Create Transparency
Speed Response

Cofense Blog


SIEM: So Many Alerts, So Little Time

May 15, 2014 by Cofense in Internet Security Awareness

Software vendors participate in industry events for various reasons. We attend to share information as speakers and to learn as attendees. You’ll see us sponsor tote bags, snack stations, and even lunch. We are there to raise awareness of our solutions and generate leads for our sales team. We like scanning badges as much as you like getting schwag but for most vendors like us, the best use of our time in the booth is not spent waving a scanner. It is “events season” in the security world and PhishMe has been an active participant in events like RSA, FS-ISAC...


Phishing Attacks Target Google Users with Weakness in Chrome: What You Need to Know

May 14, 2014 by Cofense in Internet Security Awareness

If your employees are users of Google Chrome and/or Mozilla Firefox, your network could be vulnerable to a unique phishing attack targeting the two most widely-used browsers in the world. Several media outlets are covering the uniform resource identifiers (URI) exploit, which Google Chrome and other web browsers utilize in order to display data. This attack, which is difficult to identify via traditional methods, allows cybercriminals to gain access to Google Play, Google+ and Google Drive. This means that any sensitive information stored within each of those areas is up for the taking. In the case of Google Play that means...


Abusing Google Canary’s Origin Chip makes the URL completely disappear

May 6, 2014 by Aaron Higbee in Internet Security Awareness

Canary, the leading-edge v36 of the Google Chrome browser, includes a new feature that attempts to make malicious websites easier to identify by burying the URL and moving the domains from the URI/URL address bar (known in Chrome as the “Omnibox”) into a location now known as “Origin Chip”. In theory, this makes it easier for users to identify phishing sites, but we’ve discovered a major oversight that makes the reality much different. Canary is still in beta, but a flaw that impacts the visibility of a URL is typically something we only see once every few years. We’ve discovered...


Numbers of Victims of Cybercrime are Soaring

April 30, 2014 by Cofense in Internet Security Awareness

Reports from law enforcement agencies around the world show that there have been even more victims of cybercrime in the past 12 months than in any other year. Attacks are being conducted alarmingly frequently, and cybercriminals are becoming even more brazen. However, cybercrime is still not dealt with in the same way as other types of crime. Say you leave home, only to return to your front door kicked in. Everything of value has been stolen. What would you do? You’d call the police immediately, right? Now pretend you get an email from what looks to be your bank. They...


Phishing with a malicious .zip attachment

April 29, 2014 by Cofense in Phishing

A few weeks ago, we received a round of phishing emails with malware that seemed a little more special than your run-of-the-mill ZeuS, so we decided to give it some analysis. The email was reported by a user at PhishMe. We really do drink our own kool-aid. Figure 1 shows a screenshot of the email that is being analyzed.


HTML Attachment Phishing: What You Need to Know

April 23, 2014 by Cofense in Phishing

Are you aware of HTML attachment phishing? It is one of the latest trends with cybercriminals. Instead of emailing downloaders that contact C7C servers to download crypto malware, Troijans, or other nasties, HTML attachments are being sent. HTML attachment phishing is less well known, and as a result, many people are falling for phishing scams. Even though this past weekend was a holiday weekend for many, there is a good chance that you still checked your email fairly often. If you are like me, you typically use your phone or another mobile device to check your email on the go....


Watering Holes vs. Spear Phishing

April 22, 2014 by Cofense in Phishing

How Does A Watering Hole Attack Work? Water holing attacks originate by compromising trusted websites and infecting the computers or other devices that visit that site. A successful watering hole attack casts a wide net and has the potential to compromise a large number of users across multiple organizations. This flood of information is a double-edged sword, as attackers have to parse through a large amount of data to find information of value. Additionally, these attacks often exploit zero-day vulnerabilities, so their increased popularity means attackers are burning through zero-days faster, and companies are responding faster as well, stopping attacks...


Cyber Chess: How You Can Win

April 21, 2014 by Cofense in Internet Security Awareness

Most of us are not very good at playing chess – if we play at all.  However, many of us at least have some familiarity with the game. The following quick description will help in the discussion of Cyber Chess – the game the good guys (white pieces) “play” against the cybercriminals (black pieces) as they try to steal anything we value from our cyber world. The chess game is described in three phases. The Opening:  During the opening, you and your opponent make several moves to establish a battlefront. The Middle Game:  The middle game is the direct battle...


Why Do We Treat Cybercrime Differently than Real-Life Crime?

April 20, 2014 by Cofense in Internet Security Awareness

What would you do if you were the victim of a crime? For example, what if you walk out to your car after work and find the window smashed and the stereo stolen? Wouldn’t you call the police? Imagine that, this weekend, you’re leaving a bar with some friends. A man walks up, points a gun at you and demands your wallet. You’d call the police, right? Now pretend you receive an email saying that the bank needs you to reset your password. You go to the provided website in the email and the next time you check your balance...


GameOver Zeus: Three Things You Should Know

April 2, 2014 by Cofense in Malware Analysis

The Zeus banking Trojan is a popular topic in the security world these days. It’s not new, but it still garners attention as one of the most successful and prolific Trojans in use today. Banking Trojans hide on infected machines and intercept activity related to the user’s finances—bank account logins, investment information, even purchases on sites like eBay. This differs from phishing. With phishing, an end user is infected with a banking Trojan like Zeus, but they are not directed to a fake website and made to believe they are logging in to an official website. Instead, he or she...