Microsoft Warns of Widespread Phishing Attacks Using Open Redirects – Tempemail

Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software. “Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users Continue Reading

Analytical report on gaming-related cyberthreats in 2020-2021- Tempemail

The video game industry is soaring, not in the least thanks to the lockdowns, which forced people to look for new ways to entertain themselves and socialize. Even with things going back to normal, gaming is expected to have a very bright future. Newzoo estimates the industry to gross 175.8 Continue Reading

Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection – Tempemail

Microsoft has disclosed details of an evasive year-long social engineering campaign wherein the operators kept changing their obfuscation and encryption mechanisms every 37 days on average, including relying on Morse code, in an attempt to cover their tracks and surreptitiously harvest user credentials. The phishing attacks take the form of Continue Reading

Q2 2021 spam and phishing report- Tempemail

Quarterly highlights The corporate sector In Q2 2021, corporate accounts continued to be one of the most tempting targets for cybercriminals. To add to the credibility of links in emails, scammers imitated mailings from popular cloud services. This technique has been used many times before. A fake notification about a Microsoft Continue Reading

Managed Detection and Response in Q4 2020- Tempemail

 Download full report (PDF) As cyberattacks become more sophisticated, and security solutions require more resources to analyze the huge amount of data gathered every day, many organizations feel the need for advanced security services that can deal with this growing complexity in real time, 24/7. This article contains some analytical Continue Reading

Arrests of members of Tetrade seed groups Grandoreiro and Melcoz- Tempemail

Spain’s Ministry of the Interior has announced the arrest of 16 individuals connected to the Grandoreiro and Melcoz (also known as Mekotio) cybercrime groups. Both are originally from Brazil and form part of the Tetrade umbrella, operating for a few years now in Latin America and Western Europe. Grandoreiro is Continue Reading

LuminousMoth APT: Sweeping attacks for the chosen few- Tempemail

APT actors are known for the frequently targeted nature of their attacks. Typically, they will handpick a set of targets that in turn are handled with almost surgical precision, with infection vectors, malicious implants and payloads being tailored to the victims’ identities or environment. It’s not often we observe a Continue Reading

Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)- Tempemail

Summary Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also known as PrintNightmare). Both vulnerabilities can be used by an attacker with a regular user account to take control of a vulnerable server or client machine that runs the Windows Continue Reading

Wildpressure targets macOS | Securelist- Tempemail

New findings Our previous story regarding WildPressure was dedicated to their campaign against industrial-related targets in the Middle East. By keeping track of their malware in spring 2021, we were able to find a newer version. It contains the C++ Milum Trojan, a corresponding VBScript variant with the same version Continue Reading

REvil ransomware attack against MSPs and its clients around the world- Tempemail

An attack perpetrated by REvil aka Sodinokibi ransomware gang against Managed Service Providers (MSPs) and their clients was discovered on July 2. Some of the victims have reportedly been compromised through a popular MSP software which led to encryption of their customers. The total number of encrypted businesses could run Continue Reading