Security Spotlight
LatestSpotit SOC Fraud Investigation – officeboxonline.com
Spotit SOC receives reports of suspected fraudulent invoices from customers every day. These attempts to conduct fraud are usually made by delivery of e-mail. SOC activities are accelerated by automated threat intelligence analysis, i.e. e-mail domains and senders, and any URL's are checked for known malicious or suspicious activities. An invoice was delivered by mail to the Spotit BV office in Merelbeke, Belgium. This invoice was immediately flagged as potentially fraudulent by the Spotit Finance Department as no such vendor is known to the company.
Connectivity Corner
LatestSorry, No Posts Found
Boardroom Briefings
LatestHow to improve Business Continuity and Disaster Recovery
When it comes to business continuity and disaster recovery, the only certain thing is that...
Tech Talk Hub
LatestFlaw in Evilginx allows instant detection by scanners despite blacklisting
Introduction Earlier this week, Spotit’s detection engineering team reached out to our red...
Risk Resilience Realm
LatestHow to improve Business Continuity and Disaster Recovery
When it comes to business continuity and disaster recovery, the only certain thing is that...
How to improve Business Continuity and Disaster Recovery
When it comes to business continuity and disaster recovery, the only certain thing is that...
Read MoreSpotit SOC Fraud Investigation – officeboxonline.com
Spotit SOC receives reports of suspected fraudulent invoices from customers every day. These attempts to conduct fraud are usually made by delivery of e-mail. SOC activities are accelerated by automated threat intelligence analysis, i.e. e-mail domains and senders, and any URL’s are checked for known malicious or suspicious activities.
An invoice was delivered by mail to the Spotit BV office in Merelbeke, Belgium. This invoice was immediately flagged as potentially fraudulent by the Spotit Finance Department as no such vendor is known to the company.
Clipping the Canary’s wings: Bypassing AiTM Phishing Detections
TL;DR Introduction CSS Based Canary/Honey Tokens Bypass methods 1. The regex way 2. Proxying the...
Read MoreGraphSpy – The Swiss Army Knife for Attacking M365 & Entra
Introduction Device Code Phishing Recap – The king of all Phishing Tactics? Why GraphSpy?...
Read More