Cybercrime, the Dridex campaign via Quickbooks is back
The xls attachment of the mail, also arrived in Italy, randomly contacts a link from an internal list and downloads the dll, starting the malware infection.
Cybercrime, Asyncrat campaign via payment request
The email false xlsx points to a fake site with a zip document. This contains a VBS with a powershell which downloads the malware. C2 is the same as RemcosRAT.
Cybercrime, Poulight is disguised as a txt file in a new phishing campaign
360 Total Security cybersecurity experts: The attackers spread the malware using RLO technology. It’s a trojan which steals info.
Cyber Espionage, North Korea’s hackers exploit military security magazines
ASEC cybersecurity experts: An APT uses the April issue of a monthly magazine in Word to distribute targeted malware.
Cybercrime, false NetSuite invoice conveys the latest Dridex campaign
The email xls attachment randomly contacts a url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, Dridex campaign via sales receipts and purchase orders
Two different emails but with the same xls attachment, which contacts a random link from an internal list and downloads the dll, starting malware infection.
Cybercrime, Dridex campaign via fake Office Depot receipt
The email xls attachment contacts a random url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, new Dridex campaign via invoices and Cutwail botnet
The email xlsm attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Cybercrime, the Dridex campaign via Freightquote is back
The email xlsm attachment contacts a random link from an internal list and downloads the DLL, which starts the malware infection chain.
Cybercrime, false Freightquote invoice conveys Dridex
The email xlsm attachment, if opened, contacts a random link from an internal list and downloads the dll, which starts the malware infection.