infosec

Cybersecurity expert JAMESWT: The link in the message downloads a zip with a URL pointing to an SMB, which downloads and executes the malware. Same TTP as the “Revenue Agency” campaign in Italy.

Cybercrime, Maha Grass is using Spyder to deliver Remcos

Qi'anxin Threat Intelligence Center: Some key strings in the downloader have been encrypted and the…

Cybercrime, Maha Grass is using Spyder to deliver Remcos

Qi'anxin Threat Intelligence Center: Some key strings in the downloader have been encrypted and the communication data format between malware and C2 servers has been adjusted.

Cybercrime, DPRK cyber actors are targeting software supply chain products

NIS-NCSC cybersecurity experts: They used zero-day exploits, newly published vulnerabilities and tools, and exploited multiple…

Cybercrime, DPRK cyber actors are targeting software supply chain products

NIS-NCSC cybersecurity experts: They used zero-day exploits, newly published vulnerabilities and tools, and exploited multiple vulnerabilities in series, to attack a specific target.

Cybercrime, new wave of the Vidar campaign via hotel reservation-Google Drive

The cybersecurity expert JAMESWT: The link in the email points to an url and downloads…

Cybercrime, new wave of the Vidar campaign via hotel reservation-Google Drive

The cybersecurity expert JAMESWT: The link in the email points to an url and downloads a file (protected by password, given in the message): the malware.

Cybercrime, Remcos switches from fake Paypal emails

Cybersecurity expert JAMESWT: The link in the message downloads a zip with a URL pointing…

Cybercrime, Remcos switches from fake Paypal emails

Cybersecurity expert JAMESWT: The link in the message downloads a zip with a URL pointing to an SMB, the same as the one used in the "Revenue Agency" themed campaign in Italy, which downloads and executes the malware.

Cybercrime, threat actors installed the XMRig CoinMiner on vulnerable Apache web servers

ASEC cybersecurity experts: Cobalt Strike has been used to control the infected system.

Cybercrime, threat actors installed the XMRig CoinMiner on vulnerable Apache web servers

ASEC cybersecurity experts: Cobalt Strike has been used to control the infected system.

Cybercrime actors target users in India with Android malware

Microsoft cybersecurity experts: They impersonate legitimate organizations, using social media platforms like WhatsApp and Telegram,…

Cybercrime actors target users in India with Android malware

Microsoft cybersecurity experts: They impersonate legitimate organizations, using social media platforms like WhatsApp and Telegram, to send messages for spreading 2 trojans.

Cybercrime, a fake Zimbra deactivation bait for a phishing campaign

The cybersecurity researcher Salvatore Lombardo: The link in the email points to a false login…

Cybercrime, a fake Zimbra deactivation bait for a phishing campaign

The cybersecurity researcher Salvatore Lombardo: The link in the email points to a false login page. After credentials have been digited, the user is redirected to the legit website.

Cybercrime, multilingual and multibrand survey-themed phishing/smishing campaign

Once the questions have been answered, the user will be able to choose a prize…

Cybercrime, multilingual and multibrand survey-themed phishing/smishing campaign

Once the questions have been answered, the user will be able to choose a prize by navigating to a fake page, created to steal personal and credit card data.

Cybercrime, SCAM alert for the next holiday online shopping season

The cybersecurity experts: Threat Actors exploit this period for credit card skimming and data theft…

Cybercrime, SCAM alert for the next holiday online shopping season

The cybersecurity experts: Threat Actors exploit this period for credit card skimming and data theft via fake e-commerce websites and apps. Beware of phishing.