Cybercrime, fake Docusign email spreads a new global phishing campaign
It asks to open a link to revise an agreement. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Cybercrime, new phishing campaign via encrypted messages
An email asks to open a link to read them. It lands to a website that simulates the victim’s organization homepage, in which the user has only to digit the password.
Cybercrime, AgentTesla now passes from Russian customs
The doc attachment contacts a link, exploiting the Equation Editor vulnerability, and downloads an exe: the malware. Data is then exfiltered via SMTP to an email address.
Cybercrime, Auchan Poland bait for an AgentTesla campaign
The doc attachment contacts a link, also used for Lokibot, and downloads the malware. The stolen data is exfiltrated to an email via SMTP.
Cybercrime, new wave of the AgentTesla campaign on Isbank
The message template is identical to the previous one, except for the dates and the name of the attachment: 25_153325_221122_113030.7z. Inside is an exe, the malware, which exfiltrates stolen data via SMTP.
Cyber Warfare, XakNet offensive against the energy sector in Ukraine
Pro-Russian hackers close to the GRU attack institutions, carriers and suppliers with DDoS. The operation is complementary to the Moscow military one: the objectives are shared.
Cybercrime, Sharkbot is disguised in Android file managers apps
The apps work as a dropper for the malware and they are downloaded mostly from UK and Italy. The trojan attempts to steal online bank credentials.
Cybercrime, AgentTesla now passes by banks in Turkey
The email attachment “12790429914_20221122_05373027_HesapOzeti.7z” contains an exe file: the malware. Stolen data is exfiltrated via SMTP.
Cyber Warfare, TeamOneFist targets Russian AI controllers
Op.Neutrino compromised an operational AI/ML model, in addition to a power grid SCADA/ICS, belonging to the DK Port substation. It’s the new response for the attacks in Ukraine.
Cybercrime, fake free Starlink download spreads RaccoonStealer
The cybersecurity researcher “idclickthat” discovered a fake website with a link that downloads a rar with a “setup” exe inside: the malware.