Cybercrime, “NEW ORDER” campaign conveys AgentTesla The zip attachment contains an exe file: the malware itself. Stolen data is exfiltrated via… Cybercrime, “NEW ORDER” campaign conveys AgentTesla 25 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The zip attachment contains an exe file: the malware itself. Stolen data is exfiltrated via SMTP.
Cybercrime, Lokibot is hidden in an email from India The Ace attachment of the message contains an exe file: the malware itself. Cybercrime, Lokibot is hidden in an email from India 25 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The Ace attachment of the message contains an exe file: the malware itself.
Cybercrime, new Avemaria / WarZone RAT campaign via false firm PO The img attachment contains an exe file: the malware itself. Objective: to steal information from… Cybercrime, new Avemaria / WarZone RAT campaign via false firm PO 24 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The img attachment contains an exe file: the malware itself. Objective: to steal information from the victim.
Cybercrime, DHL-themed AgentTesla campaign via Guloader The email gz attachment contains an exe file: the loader. This contacts a url and… Cybercrime, DHL-themed AgentTesla campaign via Guloader 24 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The email gz attachment contains an exe file: the loader. This contacts a url and downloads the final malware. Stolen data is exfiltrated via ftp.
Cybercrime: RemcosRAT campaign via fake bank remittance The xlsx attachment contains an exe file: the malware itself. Cybercrime: RemcosRAT campaign via fake bank remittance 20 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The xlsx attachment contains an exe file: the malware itself.
Cybercrime, unknown malware spread via Guloader by DHL themed campaign The gz attachment in a fake email from the courier contains an exe: the loader,… Cybercrime, unknown malware spread via Guloader by DHL themed campaign 20 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The gz attachment in a fake email from the courier contains an exe: the loader, which contacts a url and downloads the malware. However, the final payload is unknown.
Cybercrime, new Swift payment confirmation themed Formbook campaign The email doc attachment downloads an exe: the malware itself. Cybercrime, new Swift payment confirmation themed Formbook campaign 19 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The email doc attachment downloads an exe: the malware itself.
Cybercrime, Formbook is hiding in a fake bank payment The email iso attachment contains an exe file: the malware itself. Cybercrime, Formbook is hiding in a fake bank payment 17 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The email iso attachment contains an exe file: the malware itself.
Cybercrime, second Emotet campaign via real stolen email conversation The xls attachment directly contacts an internal list of URLs and downloads the dll, starting… Cybercrime, second Emotet campaign via real stolen email conversation 13 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The xls attachment directly contacts an internal list of URLs and downloads the dll, starting the malware infection.
Cybercrime, a real stolen email conversation spread Emotet The zip attachment contains a file that runs a PS and downloads the dll from… Cybercrime, a real stolen email conversation spread Emotet 13 May 2022 Francesco Bussoletti Defence and Security, Restricted Area The zip attachment contains a file that runs a PS and downloads the dll from an internal list of url, starting the malware infection.