Cyber Warfare, the who’s who of Iranian cyber threat
Proofpoint cyber security experts detailed 11 Tehran’s attack groups, their preferred TTP’s, targets, and countries. Including, favourite tactics from phishing to malware.
Greta Thunberg used as a bait by cybercrime to spread Emotet
CertPa cyber security experts: A malware campaign is underway with spear phishing attacks on the occasion of Christmas. Proofpoint: They also target .edu domains.
LookBack spear phishing campaign against US utility companies evolves
Proofpoint cyber security experts: There threat actor, probably a state-sponsored APT, is distributing an updated version of the malware, a RAT. To date at least 17 firms were hit.
Cybercrime: PsiXBot malware has evolved with a Porn Module
Proofpoint cyber security experts: The new feature allows attackers to capture audio-video on the infected machine if a window match pornography-related keywords. It’s used for sextortion.
TA505 cybercrime gang launched new campaigns with Gelup-FlowerPippi malware
Trend Micro cyber security experts: The first malicious code abuses user account control (UAC) bypass and works as a loader for other threats. The second is a dangerous backdoor.
Cybercrime, Microsoft warns of attacks with FlawedAmmyy RAT directly in memory
The malware chain of infection starts with a weaponized email in Korean. The cyber security experts: It’s seems the work of TA505 APT, focused on financial institutions-retail companies.
Cybercrime, TA542 launched international scale campaigns with Emotet
Proofpoint cyber security experts: The group use malware variants that exploit third-party payloads such as Qbot, The Trick, IcedID, and Gootkit. Emotet use will grow.
Retefe malware is back with a new set of tools and techniques
Proofpoint cyber security experts: cybercrime updated key features of the Trojan and employ new distribution mechanisms, including fake apps and switching to Smoke Loader.