An investigation into a suspicious Facebook Messenger message led to the identification of an active Facebook phishing campaign seemingly resulting in victim accounts being abused by the threat actor to further propagate the phishing lure.

Wednesday 15 July 2020 saw the compromise of multiple high-profile Twitter users, including cryptocurrency exchanges, famous individuals and organizations, with their accounts subsequently being abused to Tweet cryptocurrency giveaway scams.

Following reports of suspected ransomware attacks against various organizations in Taiwan, this report summarizes what is known of the threats thus far as well as providing recommendations for those that either operate in the targeted industries or region.

Cyberint research team closely monitors threats related to COVID-19, leveraging the global fear and uncertainty around it. Utilizing thematic lures, a variety of cyberattacks have been launched during a time when many are seeking critical information on the outbreak. Exploiting the headline-dominating crisis, individuals, organizations and governments alike are tricked into opening malicious payloads, visiting malicious websites and are subject to misinformation or fraud.

We love it when our teams and colleagues are sharing with us their personal projects and findings - this time, Android Apps Penetration Testing by our own Noy Pearl. If you are an android developer, pen-tester, researcher or just like most of us a security enthusiasts - this one is for you.

As the ongoing COVID-19 (Coronavirus) pandemic spreads around the world, the unprecedented and evolving global situation has created numerous opportunities for threat actors to leverage the worldwide concern and anxiety in their nefarious campaigns. Cyberint Research is closely monitoring the cyber threats leveraging COVID-19 pandemic. As part of those activities, our team compiled a summary addressing the initial activities we detected.

Throughout 2019 CyberInt Research observed multiple events related to Konni, remote administration tool, observed in the wild since early 2014. The Konni malware family is potentially linked to APT37, a North-Korean cyber espionage group active since 2012. The group primary victims are South-Korean political organizations, as well as Japan, Vietnam, Russia, Nepal, China, India, Romania, Kuwait, and other parts of the Middle East.

As a result of this ever-increasing volume and sophistication, SOC’s and SIEM’s using traditional, reactive measures are overwhelmed. More and more organizations are turning to detection and response solutions which combine threat intelligence and cyber expertise, to uncover and remediate threats as early as possible, and also to mitigate risk of future attacks.

2019 has become another record-breaking year in eCommerce. This unprecedented growth has a dark side - since an overwhelming 71% of security incidents are financially motivated, digital retailers are becoming even more attractive targets for cyber attacks and fraud. As we near 2020, digital retailers will have to work hard to protect their digital assets. Here are a few factors that will make this task harder than ever.

CyberInt researchers invest significant time and effort into researching and trying to mitigate the next cyber attack. In addition, breach reports that detail the mode of attack and how it was discovered are published freely with the aim of sharing the knowledge. While this is not the purpose behind our research, it is nice to be recognized. We have been amassing awards and recognition recently, and have been identified as a Top 100 MSSP (Managed Security Services Provider).