
Dynamic execution: This means that the hidden code is only fully revealed and run once the page is loaded, helping it to stay under the radar.
To protect against such attacks: Implement security solutions that offer layered security controls. Look for ones that offer anti-phishing tools, adaptive authentication and continuous monitoring to help detect the kind of intercepting adversary-in-the-middle (AiTM) tactics used by threats like Tycoon 2FA.
Cephas kit uses invisible characters to block scanners and rules
Cephas is an emerging phishing kit first seen in August 2024. The code features a significant number of astronomy- and Bible-related comments.
What makes Cephas noteworthy is that it implements a distinctive and uncommon obfuscation technique. The kit obscures its code by inserting random invisible characters into the source code. These help it evade anti-phishing scanners and prevent signature-based YARA rules from matching the exact phishing methods.
To protect against such attacks: Enforce MFA for all users, especially for cloud services like Microsoft 365. Consider using phishing-resistant methods such as hardware security keys rather than SMS or app-based codes.
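Why exact-string signatures miss source code padded with invisible characters, and how normalizing before matching restores the match, shown as an added Python example that is not code from the kit or from Barracuda. The page does not say which characters Cephas inserts, so treating every Unicode format character (category Cf) as invisible is an assumption, and the sample markup and signature strings are constructed.

```python
import unicodedata

# Constructed sample: a credential-form snippet with zero-width characters
# (U+200B, U+200C, U+200D, U+2060) spliced into keywords. Not from a real kit.
CLEAN = '<form action="/login.php"><input type="password" name="passwd"></form>'
SAMPLE = (
    '<fo\u200brm act\u200cion="/log\u200din.php">'
    '<input type="pass\u2060word" name="pas\u200bswd"></form>'
)

# Hypothetical exact-string signatures, standing in for YARA text strings.
SIGNATURES = ['type="password"', 'action="/login.php"']


def is_invisible(ch: str) -> bool:
    """True for Unicode format characters (category Cf): zero-width spaces,
    joiners, BOM, soft hyphen, bidi controls. These render as nothing."""
    return unicodedata.category(ch) == "Cf"


def strip_invisible(text: str) -> str:
    """Return text with every invisible format character removed."""
    return "".join(ch for ch in text if not is_invisible(ch))


def invisible_stats(text: str) -> dict:
    """Count invisible characters and how many sit inside a word
    (letter or digit on both sides), which ASCII markup and code never need."""
    total = intra = 0
    for i, ch in enumerate(text):
        if not is_invisible(ch):
            continue
        total += 1
        if 0 < i < len(text) - 1 and text[i - 1].isalnum() and text[i + 1].isalnum():
            intra += 1
    return {"total": total, "intra_word": intra}


def match(text: str) -> list:
    """Signatures found as exact substrings of text."""
    return [s for s in SIGNATURES if s in text]


if __name__ == "__main__":
    print("raw matches:       ", match(SAMPLE))
    print("normalized matches:", match(strip_invisible(SAMPLE)))
    print("stats:             ", invisible_stats(SAMPLE))
```

Treat the intra-word count as a triage signal rather than a verdict: joiners occur legitimately in emoji sequences and in scripts such as Persian, so it is most meaningful on content expected to be ASCII HTML or JavaScript.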
Stealthy malware hides in images to avoid detection
Steganography is a sophisticated attack technique that involves hiding data inside something that looks harmless, such as an image. Unlike encryption, which hides data content, steganography hides the existence of data. This makes it much harder to detect.
Barracuda’s threat analysts recently spotted a phishing campaign leveraging steganography.
The attack starts with a phishing email that looks like a genuine business message, such as an order or pricing inquiry. In the samples analyzed, the emails included links to files hosted on a popular and legitimate file-sharing service.
However, the files are actually malicious JavaScript files that have been heavily disguised to make it hard for security systems to recognize them as dangerous.
