Author Archives: Yevgeny Pats

IDN Homograph Attack Is Back For Some Crypto

Homograph attacks are a decade-old problem. Last time it made headlines was just last week with the attack on Binanace Exchange and before that when security enthusiast, Xudong Zheng published a vulnerability in the way modern browsers handle domain names. … Read More

Phishing Beetle

With a Little Help From The Banks

In this post, I’ll analyse a phishing attack we recently encountered in the wild targeting NAB (National Australia Bank) implementing two phishing techniques: “The Phishing Collage” (you can read about it in a previous post) and a new technique we … Read More

“Secure Hop” or How Attackers Bypass Microsoft Office365 ATP (Advanced Threat Protection)

In this post, I’ll present an analysis of a phishing attack we recently saw in the wild that targeted Facebook. The attackers used an easy trick we called “secure hop” to bypass Microsoft Office365 ATP solution (tested) and probably other … Read More

phishing collage

The Phishing Collage

We recently encountered a wave of attacks targeting Google G Suite using a technique we named the ‘phishing collage’ which evades different traditional solutions that try to detect zero-day phishing attacks by parsing and analysis of HTML payload. Attack Analysis … Read More

Hello World, The State of Phishing, Self-Driving Cars and Quantum Computing

We live in a very fascinating time with technology advances like never before. Self-driving cars and quantum computers are just some of the amazing innovations that are going to change life as we know it and they are going to … Read More