
Faked Out: How a Fraud IRS Website Fueled a Sophisticated Remote Access Campaign

The BlueVoyant Security Operations Team (SOC) and Threat Fusion Cell (TFC) researchers recently analyzed a sophisticated phishing incident where a user was lured into visiting a fake IRS website to verify a “tax refund”. The scheme was initiated via a phishing email, leading the user to the fraudulent site.

BlueVoyant Adopts a New Naming Convention to Bring Clarity to Cyber Threat Analysis

The lack of a universal standard for naming threat actors often creates confusion in the cybersecurity community. The same threat actor can be identified by multiple aliases depending on the vendor or team tracking it. For example, a Russian government-sponsored cyber threat group is referred to alternatively as “APT29”, “Cozy Bear”, “Midnight Blizzard” and “Nobelium”.

Cyber Risk Monitoring for ISACs: An Innovative, Collaborative Approach to Third-Party Management

BlueVoyant recently announced its strategic partnership with the Automotive Information Sharing and Analysis Center (Auto-ISAC), the central organization for cybersecurity collaboration in the automotive industry. Information Sharing and Analysis Centers (ISACs) are important organizations that provide a central resource within a given sector for gathering, analyzing, and sharing information on cyber threats and vulnerabilities.

From GrimResource to PureLogs Stealer: Dissecting a Recent Attack

BlueVoyant’s Threat Fusion Cell (TFC) and Security Operations Center (SOC) researchers have uncovered a recent cyber campaign featuring a unique twist on fake browser updates. This attack leveraged the GrimResource vulnerability and delivered the PureLogs stealer malware to targeted environments through disguised Microsoft Management Console (MSC) files.

Maximizing Your Security Investment with the Microsoft Azure Consumption Commitment (MACC)

If your organization has a Microsoft Azure Consumption Commitment (MACC), you’re already on the path to optimizing cloud spend. But are you making the most of it? MACC isn’t just a budgeting tool; it’s a strategic advantage. By transacting eligible solutions through the Azure Marketplace, you can decrement your commitment while accelerating your cloud security and operations. That’s where BlueVoyant comes in.

Mitigating the Impact of Data Breaches with Cyber Insurance and Incident Response

Cyber attacks are no longer a question of if but when. As cybercriminal tactics evolve at pace, organisations face an ever-growing risk from ransomware, data breaches, and operational disruption. The financial, regulatory, and reputational consequences of these incidents can be severe - particularly for small and medium-sized enterprises (SMEs) that may underestimate their exposure.

Investigating the Oyster Backdoor Campaign and its Targeting of IT Professionals

BlueVoyant investigated the latest Oyster malware attacks, delivered in a widespread campaign targeting IT professionals by impersonating legitimate IT tools. The campaign was originally discovered by outside researchers, but when BlueVoyant’s SOC observed suspicious behavior in a client environment within the healthcare sector, the team, including the Threat Fusion Cell (TFC), decided to delve deeper.

Inside the Weebly Phishing Campaign: A Sophisticated Threat to Financial Institutions

A recent investigation by BlueVoyant’s threat analysts has uncovered a sophisticated phishing campaign exploiting the Weebly.com platform to create fraudulent websites targeting small to mid-sized banks and financial institutions across the United States. This campaign stands out for its widespread scale and diffusion. Over the past few months, BlueVoyant has identified hundreds of phishing websites targeting more than 200 American banks and financial institutions.

Now Supporting Microsoft Purview: Secure Productivity with BlueVoyant Starts Here

As organizations rapidly embrace generative AI tools like Microsoft 365 Copilot to boost productivity and innovation, a critical question emerges: Is your data fully protected against today's accelerating and deepening threat landscape? The integration of generative AI tools (such as Microsoft 365 Copilot) into daily workflows brings unprecedented opportunities to enhance productivity, yet it also brings equally unprecedented risks to your organization's most sensitive information.

Phishing Campaign Likely Targeting IT Departments and Bypassing Email Filters

The BlueVoyant Security Operations Center (SOC) recently responded to a client’s user accessing a potentially malicious link that further research identified as part of a recent, robust campaign aimed at stealing Twilio SendGrid credentials. The attack was investigated by BlueVoyant’s Threat Fusion Cell (TFC) to understand how it can bypass email filters, and how it likely targeted IT departments.