R&D Release Notes - Week of November 11, 2024

Detection capabilities have been enhanced to combat emerging threats, including cryptocurrency scams, phishing attacks impersonating Salesforce and DocuSign, and malicious campaigns leveraging Google Drive and free-hosting platforms. Identity remediation has been expanded to Google Workspace and Okta, enabling swift action against high-severity account takeovers through access suspension and password resets. These improvements strengthen defenses across a growing ecosystem.

This week's attack highlights a Business Email Compromise (BEC) leveraging executive impersonation to steal sensitive financial data, such as payment details and contact information. By exploiting the authority of the CEO and CFO, the attack created urgency and bypassed human skepticism, evading detection by passing authentication checks and avoiding malicious links or attachments.

Abnormal's advanced behavioral analysis and natural language processing identified deviations from normal communication patterns and detected the financial-themed urgency, effectively remediating the attack before any harm was done.