Cybercrime, Maersk’s fake email conveys LokiBot The rar attachment contains an exe file: the malware itself. Objective: to steal information from… Cybercrime, Maersk’s fake email conveys LokiBot 6 July 2022 Francesco Bussoletti Defence and Security, Restricted Area The rar attachment contains an exe file: the malware itself. Objective: to steal information from the victim.
Cybercrime, the mail “Re: FW: Quotation – Urgent” bait for AgentTesla The Img attachment contains an exe file disguised as a pdf: the malware itself. Stolen… Cybercrime, the mail “Re: FW: Quotation – Urgent” bait for AgentTesla 6 July 2022 Francesco Bussoletti Defence and Security, Restricted Area The Img attachment contains an exe file disguised as a pdf: the malware itself. Stolen data is exfiltrated via smtp.
Cybercrime, new order-themed malware campaign via Guloader The gz attachment of the email contains an exe file: the loader, which should contact… Cybercrime, new order-themed malware campaign via Guloader 1 July 2022 Francesco Bussoletti Defence and Security, Restricted Area The gz attachment of the email contains an exe file: the loader, which should contact a link and download an unknown final payload.
Cybercrime, AgentTesla passes via a fake HSBC payment notice The ace attachment contains an exe file: the malware itself. The stolen data is then… Cybercrime, AgentTesla passes via a fake HSBC payment notice 28 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The ace attachment contains an exe file: the malware itself. The stolen data is then exfiltrated via smtp.
Cybercrime, new AgentTesla DHL-themed campaign via Guloader The Gz attachment of a fake courier email contains an exe: the loader, which contacts… Cybercrime, new AgentTesla DHL-themed campaign via Guloader 24 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The Gz attachment of a fake courier email contains an exe: the loader, which contacts another url and downloads the final malware.
Cybercrime, new double AgentTesla global campaign The rar and r00 attachments of two different emails contain the same exe file: the… Cybercrime, new double AgentTesla global campaign 20 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The rar and r00 attachments of two different emails contain the same exe file: the malware. Stolen data is exfiltrated via smtp.
Cybercrime, fake payment notice hides Formbook The email ace attachment contains an exe file: the malware itself. Cybercrime, fake payment notice hides Formbook 17 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The email ace attachment contains an exe file: the malware itself.
Cybercrime, new Avemaria campaign via “RE: ENQUIRY ORDER” The rar attachment contains an exe file: the malware itself. The goal is to steal… Cybercrime, new Avemaria campaign via “RE: ENQUIRY ORDER” 16 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The rar attachment contains an exe file: the malware itself. The goal is to steal sensitive information from the victim.
Cybercrime, RemcosRAT via bank remittance is back The 2 attached pdfs, taking advantage of an exploit for the CVE-2017-11882 vulnerability, extract an… Cybercrime, RemcosRAT via bank remittance is back 14 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The 2 attached pdfs, taking advantage of an exploit for the CVE-2017-11882 vulnerability, extract an xls that contacts a url and downloads the malware.
Cybercrime, false payment request bait for Formbook The email ace attachment contains an exe file: the malware itself. Cybercrime, false payment request bait for Formbook 14 June 2022 Francesco Bussoletti Defence and Security, Restricted Area The email ace attachment contains an exe file: the malware itself.