Cyber

The lnk “Alıntı 2589984” email attachment starts the infection chain by running a Powershell script. Stolen data is exfiltrated via Telegram API.

Cybercrime, false offer of products from Türkiye bait for a mysterious malware

The compressed attachment of the “Alıntı 2589984” email contains a lnk file, which starts the…

Cybercrime, false offer of products from Türkiye bait for a mysterious malware

The compressed attachment of the “Alıntı 2589984” email contains a lnk file, which starts the chain of infection by running a Powershell script.

Cybercrime: here it comes Atomic, a new info-stealer for macOS

The malware, aka AMOS, is sold with a $1,000-a-month subscription and can be used even…

Cybercrime: here it comes Atomic, a new info-stealer for macOS

The malware, aka AMOS, is sold with a $1,000-a-month subscription and can be used even by those without technical skills.

Cybercrime, false invoice for a phishing campaign on Adobe

The "PAYMENT CONFIRMATION.HTML" attachment of the "PAYMENT SLIP" email points to a fake site from…

Cybercrime, false invoice for a phishing campaign on Adobe

The "PAYMENT CONFIRMATION.HTML" attachment of the "PAYMENT SLIP" email points to a fake site from which to download the document. Goal: steal passwords.

Cybercrime, Mirai has updated its arsenal to include CVE-2023-1389

Zero Day Initiative cybersecurity experts: The flaw it’s still vulnerable and used by the botnet…

Cybercrime, Mirai has updated its arsenal to include CVE-2023-1389

Zero Day Initiative cybersecurity experts: The flaw it’s still vulnerable and used by the botnet to attack devices in Eastern Europe and around the globe.

Cybercrime, AgentTesla changes template but the campaign intensifies

The attachments of 3 different emails contain an exe: the same malware. Even the messages…

Cybercrime, AgentTesla changes template but the campaign intensifies

The attachments of 3 different emails contain an exe: the same malware. Even the messages IP is identical. Stolen data is exfiltrated via SMTP.

Cybercrime, AveMaria is conveyed by the email “Proof of Payment Ref 240423” via UACMe

The “Swift_240423.7z” attachment contains an exe file – the malware. The tool exploits DLL hijacking…

Cybercrime, AveMaria is conveyed by the email “Proof of Payment Ref 240423” via UACMe

The “Swift_240423.7z” attachment contains an exe file – the malware. The tool exploits DLL hijacking for privilege escalation.

Cybercrime, the “Quotation Proposal List” email hides Lokibot

The ace attachment of the message contains another ace with an exe inside: the malware.

Cybercrime, the “Quotation Proposal List” email hides Lokibot

The ace attachment of the message contains another ace with an exe inside: the malware.

Cybercrime, phishing scam from the DRC on food and gold

A member of the "Congolese Revolutionary Army" of Goma asks for food aid (rice) in…

Cybercrime, phishing scam from the DRC on food and gold

A member of the "Congolese Revolutionary Army" of Goma asks for food aid (rice) in exchange for raw gold. It is all false, it is used to hook the victim to steal money and data.

Cybercrime, “PROFORMA INVOICE 30% DOWNPAYMENT” carries AgentTesla

The email “Payment Advice” compressed attachment contains an exe: the malware. The stolen data is…

Cybercrime, “PROFORMA INVOICE 30% DOWNPAYMENT” carries AgentTesla

The email “Payment Advice” compressed attachment contains an exe: the malware. The stolen data is exfiltrated via SMTP.