What is Phishing Detection and Response?  In today’s digital world, the strength of an organization’s cybersecurity posture directly influences its resilience against disruptions. Phishing Detection and Response (PDR) is a critical component of this defensive matrix––it involves identifying, assessing, and neutralizing malicious or suspicious activities within email systems as quickly as possible.   Why Prioritize PDR?  It’s simple – email is like the front door to your organization and just as you wouldn’t leave your front door wide open, the same is true for securing your ..read more

By Nathaniel Raymond Agent Tesla has become a massively popular choice of malware for threat actors since its first appearance in 2014 and for good reasons. This vetted Malware-as-a-Service, MaaS, owes its popularity to many attractive factors that Cofense has broken down in a previous Strategic Analysis which include being an affordable malware service option, easy to use, having multiple capabilities at and during infection time, and being flexible in its exfiltration choices. These features, coupled with Agent Tesla’s relatively long life, have led this malware family to become the most wi ..read more

In the complex landscape of cybersecurity, the shadow of nation-state hacking looms large. Recently, the world witnessed a significant breach as Microsoft announced a large-scale attack by Midnight Blizzard, a group of Russian government-backed hackers. The repercussions of this attack have far-reaching consequences and call into question the ability of Microsoft to protect not only their customers’ email security, but their own executives.     Midnight Blizzard was able to gain unprecedented access to Microsoft’s corporate network. The initial shockwaves were felt as they rans ..read more

Phishing attacks are a real and persistent threat that require organizations to make significant investments to protect their most valuable assets. But how do executives and senior leaders know the return on investment (ROI) of their security systems? That’s exactly why we created the new Cofense Vision UI Dashboard; to help your organization understand and articulate the value Cofense Phishing Detection and Response (PDR) Platform brings to the organization. The platform is made up of threat hunting, phishing prevention and mitigation capabilities which allows customers to gain vis ..read more

By Max Gannon Scalable Vector Graphic files, or SVG files, are image files that have become an advanced tactic for malware delivery that has greatly evolved over time. The use of SVG files to deliver malware was made even easier when the tool AutoSmuggle, a program used to deliver malicious files embedded in HTML or SVG content, was released in May 2022. Threat actors have recently started to extensively exploit AutoSmuggle in 2 unique campaigns starting in December 2023 and January 2024. Main Takeaways  SVG files have been used to deliver malware at scale as early as 2015.  SVG fi ..read more

By Nathaniel Raymond A relatively small malicious car insurance/financial-themed email campaign has been landing in inboxes since late January of this year. These basic malicious emails promise the user a large financial sum via an invitation to click the embedded marketing or Google Ad link that leads to a believed compromised website, blawx[.]com, where they can download the instructions to claim their lump sum of money. The website was re-designed to support the theme of the email and supply another link to download the “instructions.” However, the link on the website delivers a JavaScript ..read more

By Dylan Duncan Cofense Intelligence is tracking an advanced campaign that is successfully reaching intended targets in the Oil and Gas industry. The campaign delivers an uncommon, but advanced, Malware-as-a-Service information stealer, the Rhadamanthys Stealer. This new and advanced phishing campaign employs a recently updated Malware-as-a-Service (MaaS) within days of law enforcement’s takedown of LockBit ransomware group, one of the most active Ransomware-as-a-Service (RaaS). Based on a report by Cyberint published on January 22nd, the malware family recently received a major update on the ..read more

LEESBURG, Va. – February 20, 2024 – Cofense® , the pioneer and leading provider of email security awareness training (SAT) and advanced phishing detection and response (PDR) solutions, today announced the release of its 2024 Annual State of Email Security Report. The data included in this report are curated from the Cofense Phishing Detection Center which has a 99.998% positive accuracy rate and reveals alarming trends and critical insights into the current landscape of email security.  The Cofense Phishing Detection and Response Platform, powered by over 35 million Cofense-trained emplo ..read more

The Cofense 2024 Annual State of Email Security Report sheds light on emerging trends in the cybersecurity threat landscape, highlighting areas of concern and indicating where your security team should focus in the coming year. The data that informs this report sends a clear message: secure email gateways (SEGs) are not evolving with the current threat landscape as thousands of malicious emails are bypassing them daily. In fact, our experts in the Cofense Phishing Defense Center (PDC) saw a record-breaking increase in malicious threats making it past all SEGs on the market over the last year ..read more

This should come as no surprise, but email is the #1 attack vector used by cybercriminals. Do you know why? Because it works. Unsuspecting users are tricked every day into clicking malicious emails that make it to their inbox. Yes, there are security measures, like secure email gateways (SEGs) that stop some threats. But did you know they only stop 50-70% of malicious emails that are targeting your company? That means 30-50% of email threats bypass SEGs and make it into your employees’ inboxes. How do we know? Because we see thousands of missed threats every single day and here’s the proof. S ..read more