To Stop Zero-Day Phishing Attacks Like USAID, Consider a Defense-In-Depth Approach

June 1, 2021

The threat actor behind the SolarWinds attack, the Russian-based Nobelium, has orchestrated another successful vendor email compromise attack, this time targeting the United States Agency for International Development (USAID). According to Microsoft’s Threat Intelligence Center, Nobelium compromised the USAID’s Constant

Coronavirus Credential Theft

March 13, 2020

In this attack, an attacker is impersonating a university’s “health team” to trick victims into...

Abnormal Security on COVID-19

March 10, 2020

Given uncertainty with COVID-19, I wanted to reach out to personally assure you that Abnormal...

Fake Email Delivery Failure

March 5, 2020

Quick Summary: Platform: Office 365 Mailboxes: Between 1,000 and 5,000 Email Gateway: None Email Security...

ESG Survey Explores Gaps in Business Email Compromise (BEC) Controls in Cloud Email Platforms

February 27, 2020

To track the history of email security, there’s no better gauge than the FBI Internet...

Coronavirus Phishing Attacks

February 14, 2020

In this attack, attackers are impersonating the CDC in order to trick victims into clicking...

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

January 21, 2020

Quick Summary: Platform: Office 365 Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security...

Microsoft Impersonation => Phishing + MFA Bypass

January 14, 2020

Quick Summary: Platform: Office 365 Mailboxes: 2,500 to 5,000 Email Gateway: None Email Security Bypassed:...

Executive Impersonation and Vendor Invoice Fraud

January 7, 2020

Quick Summary: Platform: Office 365 Mailboxes: >50,000 Email Gateway: IronPort Email Security Bypassed: ATP Victims:...