Welcome to the final BushidoToken blog of 2022. Over the last year or so, an associate of mine in the UK has been targeted by a persistent Chinese-speaking scammer. The scammer often calls once or twice a month from a unique UK-based phone number and, if left unanswered, leaves an unusual automated voicemail. I got […]
Category Archives: Uncategorized
For my first research blog of 2022, I analysed a suspected intelligence gathering campaign targeting renewable energy and industrial technology organisations, with a particular focus on Bulgaria. This long-running espionage campaign leveraged multiple credential harvesting pages to target the email accounts of employees at a number of organisations from 2019 onwards and is ongoing in 2022. […]
Phishing threat actors are continuously seeking new methods to increase the chances of success in their campaigns. Phishing is still one of the main initial access vectors into target networks. One technique that makes phishing emails particularly difficult to block is the use of open redirect vulnerabilities to distribute malicious links. Although often underestimated and left […]
Legitimate third-party Platform-as-a-Service (PaaS) providers are increasingly being leveraged by threat actors for phishing and malware deployment. PaaS providers such as cloud instances, marketing platforms, content delivery networks (CDN), and dynamic DNS servers have been weaponised for a range of malicious activities. One of the key benefits for attackers is that these services can be used to evade detection […]
Background: The Qakbot banking Trojan is one of the top-tier malware families on the current threat landscape. It is distributed in mass spam campaigns, steals confidential information, and has also provided access to ransomware operators. Preventing and detecting this threat has become a priority for many organisations as a successful infection can lead to a […]