The “Dormant Colors” is yet another vast campaign of malicious extensions with millions of active installations worldwide, this time with a color-related theme and full of deception all through the chain. It starts with the trickery malvertising campaign, continues with a crafty novel way to side-load the real malicious code without anyone noticing (until now!), and finally with stealing not only your searches and browsing data, but also affiliation to 10,000 targeted sites — a capability that is easily leveraged for targeted spear phishing, account takeover and credential extraction — all using this powerful network of millions of infected computers worldwide!

ESET researchers have discovered Lazarus attacks against targets in the Netherlands and Belgium that use spearphishing emails connected to fake job offers.

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.

Analysis of APT28/Fancy Bear PowerPoint mouse-over campaign

We uncovered a campaign on the Microsoft Edge home page where malicious ads are luring victims into tech support scams.

Over 130 organizations have been compromised in a sophisticated attack using simple phishing kits

Over 130 organizations have been compromised in a sophisticated attack using simple phishing kits

Campaign that steals email has targeted at least 10,000 organizations since September.

Campaign that steals email has targeted at least 10,000 organizations since September.