Cybercrime, TangleBot targets Android mobile users with COVID-19 Lures
Cloudmark cybersecurity experts: The malware uses SMS text message baits with content about regulations and third dose to steal sensitive data.
Cybercrime, new Formbook campaign via RFQ
The zip attachment contains an exe: the malware itself. This, if opened, activates the infection chain. Objective: to steal sensitive data from victims.
Cybercrime, Conti ransomware attacks grow worldwide
CISA-FBI cybersecurity experts: The malware has been involved in more than 400 aggressions on U.S. and international organizations.
Cybercrime, Hancitor is back hidden in a DocuSign email
The doc attachment is downloaded each time from a different url and contains the dll with the malware. The final payalod is unknown.
Cybercrime, a new version of the Jupyter trojan is on the wild
Morphisec cybersecurity experts: The malware, written in .NET, is delivered through MSI installer and thwarts online AV scanners.
Cybercrime, Agent Tesla hidden in a fake payment invoice
Technical analysis by the Malware Hunter JAMESWT Cybercrime, Agent Tesla hidden in a fake payment invoice. The email contains an exe and a zip with the same executable inside. Both are the malware. Data is exfiltered via smtp A payment…
Cybercrime, Ursnif / Gozi back to Italy with a fake BRT courier email
The xls attachment contacts a single link and downloads the dll, which activates the malware infection. Provided that the IP is Italian and not on the blacklist.
Cybercrime, Agent Tesla goes through a fake order from a Turkish company
The email gz attachment contains an executable: the malware itself. If open, it activates the infection. The stolen data is then exfiltrated via ftp.
Cybercrime, new Remcos aggressive campaign via DHL
Three different emails in one day with the same xls attachment: the malware itself. The file, if opened, activates the infection chain.
Cybercrime, REvil/Sodinokibi victims now can recover data for free
Bitdefender cybersecurity experts released a universal decryptor with a trusted law enforcement partner. It allow users to get back data attacked before July 13, 2021.