Avanan Blog Attack Briefs (10)


Passing Notes: Phishing Attack Leverages OneNote

One of the most appealing parts of the Microsoft suite is all that you can do with it. Spreadsheets in Excel. Presentations in PowerPoint. Note taking in OneNote. Bu...

Read more

Ransomware: What an Attack Looks Like

You've seen a ton in the news about ransomware. Massive ransomware increases at hospitals. Local governments falling prey to ransomware. Schools being held for ranso...

Read more

Government Agencies See Double the Phishing Attacks Over Last Two Weeks

With the election here, more and more malicious attacks have started hitting inboxes. Whether it's phishing messages related to the candidates themselves, healthcare...

Read more

Ransomware Threat Picks Up for Health Care Organizations

A joint cybersecurity advisory was released by the FBI, CISA and HHS detailing an increased threat of Ryuk ransomware targeted at health care organizations. 

Read more

Excel-ent Adventure: Getting Past Proofpoint with Spreadsheet Obfuscation

Over the course of your working lifetime, how many Excel spreadsheets have you been sent?

Read more

Emerging Phishing Attack Uses HTML Redirection to Bypass Microsoft ATP

Avanan researchers have uncovered an emerging phishing technique that has not yet been released by hackers and is still in testing mode on the dark web, but promises...

Read more

Bonu$ Bu$ter: Fake Bonus Notification Steals Credentials Instead

There are few things better than receiving a bonus at work for a job well done. 

Read more

We Played Along With a Business Email Compromise Scam. Here's What Happened Next.

As an email security company, we see all sorts of attacks and scams. It's why our Attack Briefs uncover so many new hacking trends.

Read more

Not-a-Pay-Pal: Hackers Are After Your Money

Money transfers have always been popular online, even more so as cash has become less relevant. 

Read more

Amazon 'Crime': Hackers Are After Your Prime Credentials

E-commerce sales have skyrocketed during the pandemic as people are looking to stock up on goods without going into a store. Amazon, of course, has been one of the b...

Read more

Netflix and Steal: New Attack Targets Streaming Credentials and Payment Info

If you're like most people over the six months, you've spent a lot of time watching and binging shows on Netflix.

Read more

Microsoft SafeLinks Redirect: TattleToken Script

Attackers are using 'smart' redirect servers to hide malicious websites from post-delivery protections like Microsoft SafeLinks and Chrome browser filters.  Summary:...

Read more

SiteCloak Phishing: Office 365's Safe Links is Under Attack

Highlights: Attackers have expanded the battleground from the inbox to the web This is the hacker’s response to click-time protection and the technique is able to by...

Read more

SiteCloak Link Attack: Email URL Obfuscation Techniques

We are seeing a rise in the number of phishing attacks that bypass Office 365 due to the attackers’ use of obfuscation techniques on the credential harvesting websit...

Read more

SYLKin Attack: New Malicious .slk files are bypassing Microsoft 365 Security, Risking 200M+ Users

A new attack method bypasses both Microsoft 365 default security (EOP) and advanced security (ATP). At the time of writing, Microsoft 365 is still vulnerable and the...

Read more

Why Slack and Microsoft Teams Are Not as Secure as You Think

Highlights Avanan protects Slack  and Microsoft Teams with one click.   Despite many users thinking otherwise, Slack and Microsoft Teams have no inherent security pr...

Read more

CoronaPhishing: Hackers are using COVID-19 to Attack Your Users

Starting Today: Stop shaking hands. Stop clicking on any email that mentions Coronavirus! Our security analysts have seen a significant rise in phishing emails that ...

Read more

Cybercriminals Use Microsoft Sway Scams to Phish Office 365 Security and Your Well-Trained Users

Have you heard of Microsoft Sway? If you haven’t, there’s a good chance your users don’t know about it either. That’s why this content creation service is used in ph...

Read more

QR-Code-Attack-Featured

QReep: Sextortion campaign uses QR codes to link to bitcoin wallets instead of URLs

Avanan has uncovered a new sextortion attack that uses QR codes instead of URLs to avoid bitcoin wallet detection. To drive the attack, hackers claim they have foota...

Read more

14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial