SpiderLabs Blog

DanaBot Riding Fake MYOB Invoice Emails

July 16, 2018
Dr. Fahim Abbasi
Comments (0)

Authors: Dr. Fahim Abbasi and Diana Lopera We recently observed phishing emails targeting Australian customers with fake MYOB invoices. Instead of the usual HTTP links, these emails were ridden with FTP links pointing to compromised FTP servers. While most of...

Read More

All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content

April 11, 2018
Simon Kenin
Comments (0)

I recently encountered an interesting phishing scheme when reviewing telemetry of incidents blocked by Trustwave Secure Web Gateway (SWG). My investigation into the scheme uncovered some interesting points and led me here: Figure 1: Phishing content only blocked by 1/67...

Read More

Fake ASIC Renewal Spam Delivers Malware to Australian Companies

February 21, 2018
Dr. Fahim Abbasi
Comments (0)

The Australian Securities and Investment Commission (ASIC) is an independent government agency that is Australia's corporate, market and financial services regulator. ASIC provides several services including registration services for Australian companies. Opportunist Scammers taking advantage of the new year, leveraged...

Read More

Multi-Stage Email Word Attack Without Macros

February 14, 2018
Homer Pacag
Comments (0)

Malware authors often distribute malware through code macros in Microsoft Office documents such as Word, Excel, or PowerPoint. Regardless of the particular Office version, macros can be executed whenever the user opens the file. By default users get warnings from...

Read More

SpiderLabs^® Blog

Showing 4 results for: 2018 ×Malware ×

DanaBot Riding Fake MYOB Invoice Emails

All Your Base64 Are Belong To Us – Dynamic vs. Static Analysis of Web Content

Fake ASIC Renewal Spam Delivers Malware to Australian Companies

Multi-Stage Email Word Attack Without Macros