Cybercrime, Emotet returns to strike with stolen email conversations
New messages with compressed attachment, which contains a .doc file. This, if opened, contacts a link from an internal list that downloads the malware from the Epoch 2 botnet.
Cybercrime, imminent threat to U.S. hospitals and healthcare providers
It has been denounced by FBI and the U.S. Department of Homeland Security cybersecurity experts: It could arrive from Russian Ryuk ransomware gang.
Cybercrime, Dridex hides behind fake Amazon emails
The bait is a shipping receipt, attached as an .xlsm file. This, if opened, contacts a random link from an internal list and downloads a DLL, which starts malware infection.
Cyber Espionage, Kimsuky North Korea’s hackers exposed
US CISA, FBI, and CNMF cybersecurity experts: APT employs common social engineering tactics, spearphishing, and watering hole attacks to exfiltrate information.
Cybercrime, FormBook also attacks Defense and Security
Mail from a fake Australian company with a request for a quote. The .zip attachment contains two .exe files. These, if opened, start the malware infection.
U.S. Vote: Someone is still trying to steal personal information via phishing
Proofpoint cybersecurity experts: Hundreds of messages with links sent to recipients across multiple organizations. Cybercrime or Cyber Espionage?
Cybercrime, Dridex associated with false Intuit QuickBooks invoices is back
The email contains a link that downloads a .doc document. This, if opened, contacts a link that downloads a DLL that infects the PC with malware.
Cybercrime, Dridex attacks again with fake ADP mail
The bait is always an attached invoice, an .xlsm file. This, if opened, contacts a link chosen randomly from an internal list that downloads a DLL and infects the PC with malware.
Cybercrime, Agent Tesla now could use Telegram to exfiltrate data
Abuse.ch cybersecurity experts: Corporate web proxy operators shoud block outgoing network traffic towards api.telegram .org. The malware until now exploited FTP or SMTP.
Cybercrime, Agent Tesla attacks with couriers’ bait
The attachment of an email about a fake shipment, if opened, contacts a link from which the malware is downloaded. The data is then exfiltrated via SMTP.