More American Express phishing. Clicking the link takes you to a fake login screen hosted on hxxp://www[dot]pilates-fitness-luzern[dot]ch/images/amex/amex/index.php you know, because…

Malicious link takes you to a Google drive document. Document was removed before it could be analyzed. From: IT DESK…

Link will take you to a fake login page asking for credentials. ——– Original Message ——– Subject: Online Banking Security…

Message preys on fears, current events, and mentions large sums of money. ——– Original Message ——– Subject: I am COVID-19…

Today’s phishing expedition involves an email from hkr.glbi@hotmail[dot]com. Subject line reads “IT. Desk shared “Fwd; I shared School-Transcript-April-2020″ with you.”…

I have been working on a malware investigation for a few weeks. A compromised system was suspected of participating in…

I have added a few pages to archive documents related to large breaches from 2018. You can find links in…

Author’s Note: This article was inspired by a blog posting over at the SANS Storm Center Infosec Forums. The article,…

This is going to be a quick post about using Splunk to look for anomalous activity in your O365 instance….