InQuest Blog
Posted on 2023-03-22Darren Spruell
New malicious documents named with a payment/invoice theme contain an image that is hyperlinked in an attempt to draw clicks to a phishing site. The impact of this threat activity is the compromise of user credentials. Recently, InQuest Labs analysts responded to a specific credential phishing attack discovered by a municipal government organization. Discover our tips organizations should consider to protect users and their credentials.
Posted on 2023-02-27Darren Spruell
Microsoft OneNote is a file type now entrenched in the ongoing saga of abused file formats leveraged by adversaries to reach through defenses and deliver malware payloads to end users. Recently, we have seen OneNote's sudden rise to prominence, following a pattern of other types of files used in the same capacity. Below are our insights into aspects of the threat landscape and tips organizations should consider to protect users and their data.
Posted on 2023-01-31Trevor Borden
ThreatIngestor is a flexible, configuration-driven, extensible framework for consuming threat intelligence. It can monitor Twitter, RSS feeds, and other sources, extract meaningful information like C2 IPs/domains and YARA signatures, then send that information to other systems for analysis.
Posted on 2023-01-03Isabelle Quinn
Posted on 2022-12-29Isabelle Quinn
Email hygiene in the world of security has to do with configuring a set of email authentication and verification methods that prove to ISPs and mail services that your sending servers are, in fact, authorized to send out email from your domains.