Blog

All resources, blog and threat posts, and updates Keep Aware.

Topics

Latest Posts

Google Looker Studio is being abused by bad actors to host intermediate phishing webpages.

“Looking” for Documents? .. “Look” No Further: A New Trend in Abusing Google Looker Studio for Phishing

April 4, 2024

Keep Aware has uncovered evidence that Google Looker Studio is being abused by bad actors to host intermediate phishing pages.

Cloudflare R2, Public Buckets and a Phishing Binge: An Analysis of Today’s Threat Landscape

March 18, 2024

Cloudflare public R2 buckets are being abused to host phishing pages.

Examples of abused Canva designs and of final phishing pages.

Clicking Links, From Canva Design to Phishing Site: An Analysis of Today’s Threat Landscape

February 26, 2024

Keep Aware’s Threat Research function shares recent analysis of Canva’s platform abuse for phishing purposes.

Examples of abused Microsoft Dynamics 365 Customer Insights Journeys standalone forms.

The Abuse of Microsoft Dynamics 365 Standalone Forms: An Analysis of Today’s Threat Landscape

February 12, 2024

An analysis of Microsoft Dynamics 365 standalone forms reveals that, in today’s browsing threat landscape, 1 in 5 forms are threats.

AI and Zero-Day Phishing: Combating The Evolving Browser-Based Security Challenges

February 5, 2024

With the rise of generative AI usage across industries, no one should be surprised this trend also applies to the cybercriminal industry. They, too, are

Security support scam website impersonating Apple.

Understanding Security Support Scams: A Comprehensive Analysis

November 29, 2023

Key Topics and Findings: Overview In today’s interconnected world where practically all employees use the internet, the prevalence of security support scams and other social

Image of a Microsoft security scam site.

From Google Search to Microsoft Security Scam

November 2, 2023

Key Findings: Overview Keep Aware’s Threat Research division identified a recent batch of fraudulent Microsoft support sites. While these scam campaigns are not novel, they

Enhancing your Cybersecurity Posture with the Power of Pause

October 26, 2023

Taking a moment or pausing before taking action is not a new concept; it is ingrained in all of our technology. It is an essential

Browser Notifications Hijacking via DDoS-Protection Mimicry

October 10, 2023

Key Findings: Overview Keep Aware’s Threat Research team has identified a browser notifications hijacking campaign that impersonates a Russian-based distributed denial of service (DDoS) protection

Browser Notifications Hijacking: A Trending Social Engineering Technique

September 29, 2023

Using Keep Aware Browser Security, our clients have detected an attack type that we have dubbed “Notification Hijacking.” These attacks involve malicious redirects that manipulate

Safeguards for Sensitive Data and Browser Security

September 21, 2023

Solution Spotlight Safeguarding sensitive information and ensuring secure application usage has always been a priority for cybersecurity teams. ChatGPT and other productivity tools have amplified