
Join InQuest Live, tomorrow 3/30 at 1 pm ET, for “Think Before You Click: How Your Files Are Exposing You to Malware Every Day,” as we discuss why file-borne threats should be your number one priority for cybersecurity in 2023.

During this webinar, industry experts will review the most infamous file-borne attacks, highlight recent malware tactics, and discuss what’s in store for the future of cybersecurity.

What you’ll learn:

  • What you can do to close the end-user gap that threat actors are continuously striving to breach every day
  • How to stay ahead of the game while protecting your organization from cyberattacks with Deep File Inspection (DFI)
InQuest Email Security Assessment
This month we harvested 648 samples from the wild capable of bypassing either Microsoft or Google. Of those, Microsoft missed 153 (24%), and Google missed 235 (36%). The distribution of misses by file type is depicted below:
Want to validate the efficacy of your email security stack? InQuire here for a one-month free email attack simulation
InQuest Latest Blog Posts

Credential Caution: Exploring the New Public Cloud File-Borne Phishing Attack

Posted on 2023-03-22 by Darren Spruell

New malicious documents named with a payment/invoice theme contain a hyperlinked image intended to draw clicks to a phishing site. The impact of this threat activity is the compromise of user credentials. Recently, InQuest Labs analysts responded to a specific credential phishing attack discovered by a municipal government organization. Discover the tips organizations should consider to protect users and their credentials.

InQuest Labs Research Spotlight


Secretive is an app for storing and managing SSH keys in the Secure Enclave. It is inspired by the sekey project, but rewritten in Swift with no external dependencies and with a handy native management app.


Network Flight Simulator

flightsim is a lightweight utility that generates malicious network traffic to help security teams evaluate security controls and network visibility. The tool performs tests to simulate DNS tunneling, DGA traffic, requests to known active C2 destinations, and other suspicious traffic patterns.



ChatDoctor is a next-generation AI doctor model that is based on the LLaMA model. The goal of this project is to provide patients with an intelligent and reliable healthcare companion that can answer their medical queries and provide them with personalized medical advice.

Global Security Events

New CISA tool detects hacking activity in Microsoft cloud services

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the 'Untitled Goose Tool' and developed in collaboration with Sandia, a U.S. Department of Energy national laboratory, this Python-based utility can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 environments.


Journalist plugs in unknown USB drive mailed to him—it exploded in his face

Five Ecuadorian journalists have received USB drives in the mail from Quinsaloma. Each of the USB sticks was meant to explode when activated. Upon receiving the drive, Lenin Artieda of the Ecuavisa TV station in Guayaquil inserted it into his computer, at which point it exploded.


Suspected Chinese Campaign to Persist on SonicWall Devices, Highlights Importance of Monitoring Edge Devices

Mandiant, working in partnership with the SonicWall Product Security and Incident Response Team (PSIRT), has identified a suspected Chinese campaign that involves maintaining long-term persistence by running malware on an unpatched SonicWall Secure Mobile Access (SMA) appliance.

InQuest Insider - Your monthly resource for the latest in cyber security news, trends, tips, and tools. Subscribe here.
Copyright © InQuest 2023