OSIRIS Banking Trojan targets German IP Addresses

Method of infection: Water-holing

OSIRIS used a Social Engineering method called “water holing” to attack German IP addresses.

How does water holing attack work?

The victim enters the infected website.

The website checks if the target IP is German.

If it’s a German IP – few evasion techniques are used to bypass EDR

And then the virus connects to its command server through the Darknet

Save Your Company from Social Engineering Attacks Like that

Recently Posted on AUMINT.io Blog

2026 Cyber Forecast: The Rise of “Super-Malware” and Deep Infrastructure Sieges

As we close out 2025, the threat landscape has shifted from opportunistic attacks to highly engineered, systemic campaigns. The final quarter of this year gave us two "canary in the coal mine" moments—the financial industrialization of GoldFactory and the deep...

Critical Alert: Sophisticated Impersonation Campaign Targets 150+ Organizations

As reported by the Microsoft Threat Intelligence Center (MSTIC), we are currently witnessing a new, high-volume wave of sophisticated spear-phishing attacks. This campaign marks a significant escalation in nation-state tradecraft for the 2026 threat landscape....

Prompt Engineering Your Family Christmas Dinner

A Survival GuideThe bird is roasting, the LEDs are twinkling, and you haven’t even hit the bottom of your first eggnog when the inevitable breach occurs. Uncle Bob flanks you, brandishing a fossilized iPad, and whispers the holiday curse: "Since you’re the computer...

The Christmas Tree Worm: A Festive Fiasco That Changed Cybersecurity

In December 1987, as office workers were winding down for the holidays, a seemingly innocent digital greeting card began appearing on IBM mainframe terminals. It was titled CHRISTMA EXEC, and its arrival marked one of the first times the world witnessed the true...

France’s Interior Ministry Confirms Email Server Cyberattack

In a significant security breach, the French Ministry of Interior has officially confirmed that its email servers were the target of a sophisticated cyberattack. The incident has caused notable disruptions to internal communications across key government domains. The...

SnoopLens Flaw: Your WhatsApp and Signal Chats May Not Be as Private as You Think

A Note on Our Content: We believe in the value of human expertise. All insights and research presented here are originally crafted by our team, though we utilize Artificial Intelligence to refine our phrasing and ensure the highest standard of English clarity. If you...

Weekly Tech corner: AI Trust Exploited, WordPress Backdoors, and Android Ransomware Threats

OSINT Insights: New Tools and Research Shaping Open Source Investigations

The Open Source Intelligence (OSINT) landscape is evolving rapidly, and keeping up with the latest tools is half the battle. The latest edition of The Weekly OSINT Newsletter (published December 14, 2025) has dropped, and it brings a wealth of new resources for...

The Shifting Sands of OSINT: AI, Algorithms, and the Human Element 2026 forward looking

The world of Open Source Intelligence (OSINT) is constantly evolving, facing new challenges and opportunities driven by technological advancements and shifting threat landscapes. A recent digest from OSINT Jobs highlights several key areas shaping today's landscape,...

The New Battleground: Combating AI-Powered Social Engineering Attacks

The cybersecurity landscape is rapidly transforming, and a recent surge in social engineering attacks, supercharged by Artificial Intelligence, demands our immediate attention. Reports from sources like Manufacturing Business Technology indicate a staggering 42%...

Vendor Email Compromise Outpaces BEC in EMEA – A Wake-Up Call for MSSPs

by Lior | Jun 11, 2025 | News

📧 VEC Attacks in EMEA Soar Past BEC Threats

Vendor Email Compromise (VEC) engagement in EMEA hits 47.3% – almost double BEC’s rate.

This rise shows how VEC exploits trust in external vendors, bypassing traditional BEC defenses.

EMEA reports only 0.2% of VEC incidents, signaling a critical awareness gap.

MSSPs must adopt advanced behavioral analytics and third-party identity monitoring to catch these sophisticated threats.

Continuous employee education and simulated VEC phishing drills are essential to close this gap.

At AUMINT.io, we deliver cutting-edge solutions combining threat detection and training tailored for these risks.

Protect your organization before attackers do.

Book a Consultation with AUMINT.io

#Cybersecurity #VendorEmailCompromise #EmailSecurity #MSSP #AUMINT

« Older Entries

Next Entries »

Method of infection: Water-holing

How does water holing attack work?

Save Your Company from Social Engineering Attacks Like that

Recently Posted on AUMINT.io Blog

2026 Cyber Forecast: The Rise of “Super-Malware” and Deep Infrastructure Sieges

Critical Alert: Sophisticated Impersonation Campaign Targets 150+ Organizations

Prompt Engineering Your Family Christmas Dinner

The Christmas Tree Worm: A Festive Fiasco That Changed Cybersecurity

France’s Interior Ministry Confirms Email Server Cyberattack

SnoopLens Flaw: Your WhatsApp and Signal Chats May Not Be as Private as You Think

Weekly Tech corner: AI Trust Exploited, WordPress Backdoors, and Android Ransomware Threats

OSINT Insights: New Tools and Research Shaping Open Source Investigations

The Shifting Sands of OSINT: AI, Algorithms, and the Human Element 2026 forward looking

The New Battleground: Combating AI-Powered Social Engineering Attacks

Vendor Email Compromise Outpaces BEC in EMEA – A Wake-Up Call for MSSPs

Categories

Recent Posts

Archives

Follow us

OSIRIS Banking Trojan targets German IP Addresses

Method of infection: Water-holing

How does water holing attack work?

Save Your Company from Social Engineering Attacks Like that

Recently Posted on AUMINT.io Blog

Categories

Recent Posts

Archives

Tags