Cybercrime, the Azorult campaign also arrives in Italy
Decoy: fake order from a Taiwanese company. The xls attachment, if opened, contacts a link and redirects the victim to a malicious site, which downloads the malware.
Cybercrime, TrickBot now uses an obfuscated batch script launcher
Bleeping Computer cybersecurity experts: The malware increased its advanced evasive capabilities.
Cybercrime, FBI warning on the surge of Ragnar Locker activity
The cybersecurity experts: The ransomware frequently changes obfuscation techniques, uses a custom Windows XP virtual machine and chooses which folders it will not encrypt.
Cybercrime, a hybrid Drixex-Smokeloader malware goes by fake invoices
Global malspam campaign with xlsm attachment. It contacts a link from an internal list and downloads a dll, which contains a trojan and backdoor-loader hybrid.
Cybercrime, Italy hit by a huge Urnisf/Gozi “energy adaptation” campaign
Fake mails from Reveue Agency come all from .casa domains. The attachment, different for each message, contains xlsb. It, if opened, contacts a DLL which starts malware infection.
Cyber Espionage, APT10 use ZeroLogon flaw against Japan organizations
Symantec cybersecurity experts: The Chinese state-sponsored group leverages living-off-the-land tools and custom malware, as Backdoor.Hartip, to spy victims.
Cybercrime, Egregor operators send the ransom note by printers
Last trick to increase pressure on the ransomware victims is to print out the requests to all available printers. Cybersecurity experts believe the malware is the evolution of Maze.
Cybercrime, Dridex conveyed by false UPS invoices and Cutwail botnet
The email contains a link that downloads a .doc attachment. This contacts a random url from an internal list of 9 and downloads a DLL, which starts malware infection.
Cybercrime, phishing campaign passes from Boa web server
The lure is a fake email on an email closure. It contains a link to update the account via a login page. Also this one is false. The only aim is to steal credentials.
Cybercrime, WordPress hit by waves of attacks targeting Epsilon Framework themes
Wordfence cybersecurity experts: They exploit Function Injection and other older vulnerabilities, The aggressions seem to search flaws.