
phishing

Proactive Hunting with Certificate Transparency Log and Google BigQuery

In this blog, we will quickly go through what the Certificate Transparency log is and how we used BigQuery to search for bad domains trying to spoof a business’s domain (and how you can do it as well). Certificate Transparency … Read More

open source

Open-Source Tool to Block Homograph Phishing Attacks

Today we open-source idn_generator – a tool that helps block recent homograph phishing attacks at the email stage. The tool generates a list of similar domain names (IDN domains) for a given domain (usually the domain of an organization). You can … Read More

IDN Homograph Attack Is Back For Some Crypto

Homograph attacks are a decade-old problem. The last time they made headlines was just last week, with the attack on Binance Exchange, and before that when security enthusiast Xudong Zheng published a vulnerability in the way modern browsers handle domain names. … Read More

Phishing Beetle

With a Little Help From The Banks

In this post, I’ll analyse a phishing attack we recently encountered in the wild that targeted NAB (National Australia Bank) and implemented two phishing techniques: “The Phishing Collage” (you can read about it in a previous post) and a new technique we … Read More

“Secure Hop” or How Attackers Bypass Microsoft Office365 ATP (Advanced Threat Protection)

In this post, I’ll present an analysis of a phishing attack we recently saw in the wild that targeted Facebook. The attackers used an easy trick we called “secure hop” to bypass the Microsoft Office365 ATP solution (tested) and probably other … Read More

phishing collage

The Phishing Collage

We recently encountered a wave of attacks targeting Google G Suite using a technique we named the ‘phishing collage’, which evades different traditional solutions that try to detect zero-day phishing attacks by parsing and analysing the HTML payload. Attack Analysis … Read More