EclecticIQ

👋 Hi! Perhaps you've been following us for a while, perhaps you're new around here. Either way, we'd like to take this opportunity to (re)introduce ourselves. Flip through the pages below to get to know us a little bit better, learn more about our customers, and what we have to offer. For any questions, you can always reach out to us! ➡ https://lnkd.in/ea9h3d3a #Cybersecurity #ThreatIntelligence #ThreatIntelligencePlatform

We're #hiring a new Sales Development Representative in Amsterdam Area. Apply today or share this post with your network.

We recently identified thousands of fake sites trying to lure shoppers ahead of Black Friday to steal their personal and payment information. Find our CEO Cody Barrow featured in CBS News today, addressing this significant seasonal #phishing campaign. ➡️ https://hubs.ly/Q02ZSwXR0

We're #hiring a new Sales Development Representative in Amsterdam Area. Apply today or share this post with your network.

⚠️ If you're shopping on or around #BlackFriday -- beware! We've discovered a recent #phishing campaign targeting online shoppers in Europe and the U.S., using fake pages that mimic well-known brands to steal personal information ahead of the Black Friday season. The campaign exploited the surge in online shopping during November by offering fake discounts to lure victims into providing Cardholder Data (CHD), Sensitive Authentication Data (SAD), and Personally Identifiable Information (PII). First detected in early October 2024, we attribute the campaign to a financially-motivated Chinese threat actor, dubbed SilkSpecter. They're impersonating brands like IKEA, The North Face, and many more to deceive victims. ➡️ https://hubs.ly/Q02Zy0r00 #ThreatIntelligence #Cybersecurity

🎣 In a recent phishing campaign, attackers targeted the telecommunications and financial sectors with customized lures, including phishing pages themed for AT&T and financial institutions in the US and Canada. They abused Google Docs to deliver #phishing links, redirecting victims to Weebly-hosted fake login pages while leveraging dynamic DNS for subdomain rotation to evade detection. The campaign also employed advanced MFA bypass tactics, replicating legitimate access code workflows to deceive victims into sharing sensitive information. Finally, attackers used legitimate tools like Sentry[.]io and Datadog to track victim interactions, refining their tactics by analyzing timestamps, IP addresses, and location data for future campaigns. Learn more in our latest research: https://hubs.ly/Q02Zxvw90 #ThreatIntelligence #Cybersecurity

🎙️ Catch our CEO Cody Barrow on the latest episode of ECA Tech Talks! A big thank you to Andrea Vaugan and European Champions Alliance for having us on to explore the important topic of the #cybersecurity landscape in Europe at the moment. Listen on your platform of choice: https://lnkd.in/eU7T9pUS Or watch on YouTube: https://lnkd.in/e69Wyj4z

🗞️ Did you catch our research featured in Forbes? Our analysts recently uncovered a #BlackFriday phishing campaign targeting e-commerce shoppers in Europe and the USA. Likely orchestrated by #SilkSpecter, a Chinese threat actor, the campaign used fake discounts to steal Cardholder Data (CHD). Leveraging #Stripe and #Google Translate, attackers enhanced credibility and evaded detection. Find the Forbes article here: https://hubs.ly/Q02ZbLW90 Read our original research here: https://hubs.ly/Q02ZbNtP0 #ThreatIntelligence #Cybersecurity

📄 New research article! In late October 2024, our analysts uncovered a phishing campaign targeting the telecommunications and financial sectors. Attackers used #GoogleDocs to distribute #phishing links, redirecting victims to fake login pages hosted on #Weebly, a trusted website builder. This approach bypassed email filters and endpoint protections, exploiting the legitimacy of reputable platforms to evade detection. Financially motivated actors favor Weebly for its ease of use and low-cost hosting, reducing the complexity of operations while leveraging its trusted infrastructure to avoid anti-phishing measures. Similar tactics were observed earlier in 2024, highlighting a growing trend of abusing trusted platforms to prolong phishing campaigns. Find the full article here: https://hubs.ly/Q02Z3k2H0 #ThreatIntelligence #Cybersecurity

Understanding the differences between Commercial Off-The-Shelf (COTS) and Free Open-Source Software (FOSS) is crucial for determining how each can support your cybersecurity strategy. Read our latest blog to discover why COTS solutions remain the industry's preferred choice for adopting threat intelligence tools. https://hubs.ly/Q02YSSLM0 #OpenSource #ThreatIntelligence #CyberSecurity #CyberDefense