Cybercrime, quarantined emails are the latest phishing bait
Global campaign targets fake webmail site. Objective: to steal the credentials of the victims.
Cybercrime, new Dridex campaign via couriers and Cutwail
Fake xlsm invoice, distributed by the botnet, contacts random links from an internal list and download the malware.
Cyber Espionage, new Android spyware in Iran disguised as students app
The cybersecurity researcher bl4ckh0l3z: It steals a lot of info. The malware is part of the ongoing Domestic Kitten internal operation.
Cybercrime, new phishing campaign on purchase orders
Fake xls attachment directs the victim to a malicious html file, where it asks to enter credentials to open the file. Objective: to steal them.
Cybercrime, Avaddon ransomware group adopts DDoS attacks on victims
It’s the third threat actor, after SunCrypt and RagnarLocker, that adopt the “Triple Extortion” strategy to increase pressure on malware victims.
Cybercrime, Guloader is back via false purchase orders
The email GZ attachment contains a password-protected zip (not provided in the text), with an exe inside: the malware itself. It is not known what the next payload is.
Cybercrime, new RFQ-themed AgentTesla global campaign
The exe inside the compressed attachment is the malware itself. Furthermore, the data is exfiltrated via Telegram API instead of FTP-SMTP.
Cybercrime, 81% of all financially motivated cyberattacks in 2020 are ransomware
Atlas VPN cybersecurity experts: The cost of a breach caused by malware last year was 4% more than an average malicious aggression.
Cybercrime, Dridex global campaign via xlsm and Cutwail
False xlsm invoice, distributed by the botnet, contacts a random link from an internal list and download the dll with starts malware infection.
Cybersecurity: logic bug for Signal, Duo, Facebook Messenger, JioChat and Mocha
Natalie Silvanovich: The majority of video conferencing apps are implemented using WebRTC. A vulnerability let attackers spy on users.