Avanan Blog Attack Briefs (26)

SiteCloak Phishing: Office 365's Safe Links is Under Attack

Highlights: Attackers have expanded the battleground from the inbox to the web This is the hacker’s response to click-time protection and the technique is able to by...

Read more

SiteCloak Link Attack: Email URL Obfuscation Techniques

We are seeing a rise in the number of phishing attacks that bypass Office 365 due to the attackers’ use of obfuscation techniques on the credential harvesting websit...

Read more

SYLKin Attack: New Malicious .slk files are bypassing Microsoft 365 Security, Risking 200M+ Users

A new attack method bypasses both Microsoft 365 default security (EOP) and advanced security (ATP). At the time of writing, Microsoft 365 is still vulnerable and the...

Read more

Why Slack and Microsoft Teams Are Not as Secure as You Think

Highlights Avanan protects Slack and Microsoft Teams with one click. Despite many users thinking otherwise, Slack and Microsoft Teams have no inherent security prote...

Read more

CoronaPhishing: Hackers are using COVID-19 to Attack Your Users

Starting Today: Stop shaking hands. Stop clicking on any email that mentions Coronavirus! Our security analysts have seen a significant rise in phishing emails that ...

Read more

Cybercriminals Use Microsoft Sway Scams to Phish Office 365 Security and Your Well-Trained Users

Have you heard of Microsoft Sway? If you haven’t, there’s a good chance your users don’t know about it either. That’s why this content creation service is used in ph...

Read more


QReep: Sextortion campaign uses QR codes to link to bitcoin wallets instead of URLs

Avanan has uncovered a new sextortion attack that uses QR codes instead of URLs to avoid bitcoin wallet detection. To drive the attack, hackers claim they have foota...

Read more


Update — HTML Attachment Attack on Office 365

This summer, we reported that hackers were bypassing Office 365 EOP and ATP with an ingeniously simple attack that uses HTML attachments in email to launch phishing ...

Read more


5 Things Security Professionals Should Know About the DNC Email Breach

As we enter the 2020 election season, we are once again discussing the possibility of foreign intervention, which puts the 2016 hack of the Democratic National Commi...

Read more


Re:Ploy Email Chain Hijack Attack

Let’s say your organization has the best security. Your employees are trained to never fall victim to phishing. You have SSO and it’s very hard to take over your acc...

Read more

14-Day Free Trial – Experience the power and simplicity of Avanan Cloud Security.   Start Free Trial