Holiday shopping has always brought the year's best deals — along with plenty of new cyber threats. This year will bring plenty of both, starting earlier than ever.

Retailers send e-mails offering promotions and discounts, and cybercriminals can exploit that by sending messages of their own: phishing emails that entice people with offers of bargains in order to steal money, usernames and passwords, personal information, and more. The majority of holiday-themed cyber-attacks happen through phishing emails.


Latest InQuest™ Blog Posts

SOC-Class: Use Case Development

Posted on 2020-11-23 by Chris Crowley and Josiah Smith

The SOC-Class is a niche course on cybersecurity operations, training CISOs, SOC Managers, and technical leads to build and excel in Cybersecurity Operations Centers (SOCs/CSOCs). This use case development methodology is one of the approaches discussed in the course and is intended to provide a framework for the mature and repeatable construction of engineered detections.


The Trystero Project: A Comparison of Mail Providers

Posted on 2020-11-24 by Isabelle Quinn

To validate an e-mail security stack's ability to block current real-world threats harvested from the wild, InQuest gathers unique malware daily and validates the common cloud e-mail providers (GSuite, O365) against it. Collectively (stacked on top of one another), the providers' default security stacks are capable of detecting between 85% and 95% of these novel attacks. The samples capable of bypassing these stacks are candidates for the InQuest Email Security Assessment.

InQuest™ Labs Research Spotlight

Halogen

Halogen is a tool that automates the creation of YARA rules against image files embedded within a malicious document.


urlhunter

urlhunter is a recon tool for searching URLs that are exposed via shortener services such as bit.ly and goo.gl.


Python-fire

A tool for identifying phishing kit URLs used in phishing campaigns that target your customers and use some of your website's files (such as CSS, JS, ...).

Global Security Events

Evolution of Emotet: From Banking Trojan to Malware Distributor

Emotet is one of the most dangerous and widespread malware threats active today. Since its discovery in 2014, when Emotet was a standard credential stealer and banking Trojan, the malware has evolved into a modular, polymorphic platform for distributing other kinds of computer viruses.


The Grelos Skimmer: A New Variant

The grelos skimmer has been around since 2015, and, like many other long-lived skimmers, it has evolved and changed significantly over time. In July, @AffableKraut described a recent variant of the skimmer featuring multiple layers of base64 obfuscation hiding a two-stage skimmer.


GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Fraudsters redirected email and web traffic destined for several cryptocurrency trading platforms over the past week. The attacks were facilitated by scams targeting employees at GoDaddy, the world’s largest domain name registrar.

InQuest™ Insider - Your monthly resource for the latest in cyber security news, trends, tips and tools.
Copyright © InQuest™ 2020