infosec

The doc attachment contacts a link, exploiting the Equation Editor vulnerability, and downloads an exe: the malware. Data is then exfiltered via SMTP to an email address.

Cybercrime, Auchan Poland bait for an AgentTesla campaign

The doc attachment contacts a link, also used for Lokibot, and downloads the malware. The…

Cybercrime, Auchan Poland bait for an AgentTesla campaign

The doc attachment contacts a link, also used for Lokibot, and downloads the malware. The stolen data is exfiltrated to an email via SMTP.

Cybercrime, new wave of the AgentTesla campaign on Isbank

The message template is identical to the previous one, except for the dates and the…

Cybercrime, new wave of the AgentTesla campaign on Isbank

The message template is identical to the previous one, except for the dates and the name of the attachment: 25_153325_221122_113030.7z. Inside is an exe, the malware, which exfiltrates stolen data via SMTP.

Cyber Warfare, XakNet offensive against the energy sector in Ukraine

Pro-Russian hackers close to the GRU attack institutions, carriers and suppliers with DDoS. The operation…

Cyber Warfare, XakNet offensive against the energy sector in Ukraine

Pro-Russian hackers close to the GRU attack institutions, carriers and suppliers with DDoS. The operation is complementary to the Moscow military one: the objectives are shared.

Cybercrime, Alibaba bait of an HTML phishing scam

A fake email points to a page that simulates that of the e-commerce portal. Objective:…

Cybercrime, Alibaba bait of an HTML phishing scam

A fake email points to a page that simulates that of the e-commerce portal. Objective: steal credentials.

Cybercrime, Sharkbot is disguised in Android file managers apps

The apps work as a dropper for the malware and they are downloaded mostly from…

Cybercrime, Sharkbot is disguised in Android file managers apps

The apps work as a dropper for the malware and they are downloaded mostly from UK and Italy. The trojan attempts to steal online bank credentials.

Cybercrime, fake Audit report bait for an HTML phishing campaign

The goal is to steal the SharePoint Online credentials via a fake platform landing page.…

Cybercrime, fake Audit report bait for an HTML phishing campaign

The goal is to steal the SharePoint Online credentials via a fake platform landing page. Victims have three attempts to digit the password, all of which will be wrong.

Cybercrime, AgentTesla now passes by banks in Turkey

The email attachment “12790429914_20221122_05373027_HesapOzeti.7z” contains an exe file: the malware. Stolen data is exfiltrated via…

Cybercrime, AgentTesla now passes by banks in Turkey

The email attachment “12790429914_20221122_05373027_HesapOzeti.7z” contains an exe file: the malware. Stolen data is exfiltrated via SMTP.

Cyber Warfare, TeamOneFist targets Russian AI controllers

Op.Neutrino compromised an operational AI/ML model, in addition to a power grid SCADA/ICS, belonging to…

Cyber Warfare, TeamOneFist targets Russian AI controllers

Op.Neutrino compromised an operational AI/ML model, in addition to a power grid SCADA/ICS, belonging to the DK Port substation. It’s the new response for the attacks in Ukraine.

Cybercrime, fake free Starlink download spreads RaccoonStealer

The cybersecurity researcher “idclickthat” discovered a fake website with a link that downloads a rar…

Cybercrime, fake free Starlink download spreads RaccoonStealer

The cybersecurity researcher “idclickthat” discovered a fake website with a link that downloads a rar with a “setup” exe inside: the malware.