Cybercrime, Guloader is back via false purchase orders
The email GZ attachment contains a password-protected zip (not provided in the text), with an exe inside: the malware itself. It is not known what the next payload is.
Cybercrime, new RFQ-themed AgentTesla global campaign
The exe inside the compressed attachment is the malware itself. Furthermore, the data is exfiltrated via Telegram API instead of FTP-SMTP.
Cybercrime, 81% of all financially motivated cyberattacks in 2020 are ransomware
Atlas VPN cybersecurity experts: The cost of a breach caused by malware last year was 4% more than an average malicious aggression.
Cybercrime, Dridex global campaign via xlsm and Cutwail
False xlsm invoice, distributed by the botnet, contacts a random link from an internal list and download the dll with starts malware infection.
Cybersecurity: logic bug for Signal, Duo, Facebook Messenger, JioChat and Mocha
Natalie Silvanovich: The majority of video conferencing apps are implemented using WebRTC. A vulnerability let attackers spy on users.
Cybercrime, FormBook campaign in Italy on payments
The iso attachment contains an executable, the malware itself. Moreover, it exploits the exe (in English) of an international campaign.
Cybercrime, EMA anti Covid-19 vaccines data manipulated before leaking it
The EU Agency: Some of the correspondence stolen in the cyber attack has been manipulated in a way which could undermine trust in vaccines.
Cybercrime, new Guloader campaign via RQF
The email attachment contains an exe file, the malware itself, which downloads other payloads. At the moment, however, it is not known what they are.
Cybercrime, Egregor ransomware group is back online
The malware double extortion website is again up, with new victims and a message: “Despite your hopes, we are with you again”.
Cybersecurity, BugTraq maybe won’t close
The whole Infosec community moved on Internet and Social Network to testify the importance of the mailing list. Then, Accenture spreaded an encouraging note.