Cybercrime, new DanaBot version in the wild
Proofpoint cybersecurity experts: It has been set as a Malware-as-a-Service (MaaS), written in Delphi, with some anti-analysis features.
U.S. Vote: Someone is still trying to steal personal information via phishing
Proofpoint cybersecurity experts: Hundreds of messages with links sent to recipients across multiple organizations. Cybercrime or Cyber Espionage?
Cyber Espionage, Chinese APT TA413 spreads a new RAT: Sepulcher
Proofpoint cyber security experts: The malware has been distributed in 2 different campaigns Covid-19 themed. One targeted many organisations in EU. The other, against Tibetan dissidents.
Cyber Warfare, the who’s who of Iranian cyber threat
Proofpoint cyber security experts detailed 11 Tehran’s attack groups, their preferred TTP’s, targets, and countries. Including, favourite tactics from phishing to malware.
Greta Thunberg used as a bait by cybercrime to spread Emotet
CertPa cyber security experts: A malware campaign is underway with spear phishing attacks on the occasion of Christmas. Proofpoint: They also target .edu domains.
LookBack spear phishing campaign against US utility companies evolves
Proofpoint cyber security experts: There threat actor, probably a state-sponsored APT, is distributing an updated version of the malware, a RAT. To date at least 17 firms were hit.
Cybercrime: PsiXBot malware has evolved with a Porn Module
Proofpoint cyber security experts: The new feature allows attackers to capture audio-video on the infected machine if a window match pornography-related keywords. It’s used for sextortion.
TA505 cybercrime gang launched new campaigns with Gelup-FlowerPippi malware
Trend Micro cyber security experts: The first malicious code abuses user account control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Cybercrime, Microsoft warns of attacks with FlawedAmmyy RAT directly in memory
The malware chain of infection starts with a weaponized email in Korean. The cyber security experts: It’s seems the work of TA505 APT, focused on financial institutions-retail companies.
Cybercrime, TA542 launched international scale campaigns with Emotet
Proofpoint cyber security experts: The group use malware variants that exploit third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. Emotet use will grow.