AppRiver Update

Cybersecurity News and Threat Intelligence for Business

FTCode Ransomware Drops, Rocks, & Locks Files

on October 17, 2019 | by David Pickett | malware, advanced email security, Ransomware

A ransomware named FTCode is currently being used in email campaigns targeting Italian customers. These emails have been arriving posing as resumes, invoices, or document scans. While monitoring for new variants, we spotted one which departed from the norm. Surprisingly, it played Rammstein music fo ... read more

Hurricane Dorian Scams Continue To Make Landfall

on September 12, 2019 | by David Pickett | advanced email security, scams

Major disasters seem to bring out the best in some people and the worst from scammers. After every large news event or natural disaster we see the associated scams. The example within is very simple but shows predators are out there waiting for any opportunity to pounce. read more

HawkEye RAT- Posing as HSBC Notification

on September 04, 2019 | by Troy Gill | advanced email security, malware, Ransomware, RAT

The malware being leveraged in this attack is none other than the HawkEye Reborn v9 RAT. HawkEye has been around for many years, with this latest version emerging in underground forums earlier this year. It is marketed as read more

Phishing Attacks Abuse Microsoft Office Surveys

on July 24, 2019 | by David Pickett | microsoft 365, advanced email security, phishing

While many malicious attackers have been busy exploiting Microsoft Azure to launch phishing and malware attacks, lesser skilled actors have increasingly turned to Microsoft Excel or Forms online surveys. It's extremely easy to craft a phishing site using the built-in survey template that Excel or Fo ... read more

Spy MAX Android RAT Targets Luxury Business Sector

on June 05, 2019 | by David Pickett | android, malware, advanced email security

On June 4, 2019, AppRiver's Advanced Email Security filter began to quarantine low volume waves of highly targeted attacks directed toward businesses who operate in the luxury services sector. Examples of these businesses include yacht brokers, executive housekeeping and staffing providers, and som ... read more

THREAT ALERT - Malware Being Hosted On Azure

on May 30, 2019 | by David Pickett | malware, web security, advanced email security

THREAT ALERT - AZURE CURRENTLY HOSTING MALWAREOn Sept. 7, 2018, we first detailed how malicious attackers abused Azure's Custom Domain Name registrations to host credential phishing sites. On April 29, 2019, we released information on how compromised user data was exposed from attacks originating fr ... read more

Business Email Compromise Attacks via Name Imperso…

on May 06, 2019 | by David Pickett | advanced email security, email fraud, impersonation

Name impersonation attacks have exploded in popularity over the past few years. They cost malicious actors little time, infrastructure, or sophistication. The FBI's Internet Crime Complaint Center recently reported over 900 complaints a day in 2018 and $2.7 billion in American losses alone. It's ext ... read more

Microsoft Azure Customized Domain Name Phishing At…

on April 29, 2019 | by David Pickett | advanced email security, phishing

THREAT ALERT UPDATE: Cybercrooks Abusing Azure Custom Domain Name Feature On Sept. 7, 2018, we detailed how malicious attackers abuse Microsoft Azure's Custom Domain Name registrations to host credential phishing sites. This type of "living-off-the-land" attack utilizes phishing sites which reside o ... read more