I recently discovered a phishing command and control (C&C) Simple Mail Transfer Protocol (SMTP) server hosted on the same page where the phishing kit was deployed. Not surprisingly, their target was PayPal. The Leaf PHP Mailer: The phishing page has all the features you would largely expect to see of a phishing C&C. The main […]
Category Archives: Uncategorized
For the past three months, I’ve repeatedly received the same phishing email posing as a PayPal notification stating, “your account has been suspended,” attempting to steal my login details. The email arrives from “service@paypal.com” and looks very convincing for the average user. Here is the phishing chain the threat actors are currently using in […]
If you wanted to learn how an organized cybercriminal operation worked, look no further than the threat group known as Conti. The recent leaks of the group’s chat logs have uncovered an unprecedented wealth of information and insights into how these veteran cybercriminals organize themselves. Cyber Threat Intelligence (CTI) vendors and independent researchers have spent weeks […]
The title of this blog pays tribute to the film Tinker Tailor Soldier Spy, drawing a parallel between video games, cheating, and the world of hacking and espionage. It highlights the fact that the world of gaming and cybersecurity are deeply connected. A popular narrative in the cybersecurity industry is that many professionals were first […]
On 3 February 2022, the UK Office of Gas and Electricity Markets (Ofgem) issued a warning that there has been a “record increase in global gas prices” which saw an “energy price cap rise of 54%”; adding that “Ofgem knows this rise will be extremely worrying for many people”. That last sentence is precisely why phishing […]