Author Archives: Emin Baylarov
Oct
Threat hunting in public sandboxes has been, admittedly, a hobby of mine for the last two years or so. Recently, I have been looking through the geo-specific uploads that arrive in one such sandbox called Any.Run. It is no secret I am from the UK, so from time-to-time I like to check what malware is […]
Phishing threat actors continue to launch successful credential harvesting campaigns via compromised Office 365 accounts. One of the most common themes for these campaigns is a “shared file” notification, whereby a compromised account shares a file with a user that is hosted in the SharePoint drive. The file is usually a PDF document that contains […]
Aug
Online shopping sites are prime targets for cybercriminals. Large sites can process vast quantities of personal information and payment data, making them a high-value reward if successfully hijacked. On 29 April, Malwarebytes Threat Intelligence shared a JavaScript web skimmer their team discovered on a compromised French Canadian online shoe store. The skimmer was injected into the online […]