Cyber Espionage, IronHusky targets Defense and IT companies with MysterySnail
Kaspersky cybersecurity experts: The Chinese APT exploits the CVE-2021-40449 zero-day vulnerability in the Win32k kernel driver and the malware to escalate privileges.
Cybercrime, fake Amnesty International website spread Sarwent
Cisco Talos cybersecurity experts: The lure is the free availability of am anti Pegasus spyware tool, called AVPegasus. Indeed, the software is the malware.
Cybercrime, “Hiello Dear” campaign to convey Nanocore
The email has no text, but contains two attachments: an executable and a zip with an exe inside. The files are identical and are the malware itself.
Cybercrime, new Remcos aggressive campaign via DHL
Three different emails in one day with the same xls attachment: the malware itself. The file, if opened, activates the infection chain.
Cybercrime, triple Remcos attack via RFQ
Three emails have different request numbers, but identical text and tar attachment. Inside is an exe: the malware itself.
Cybercrime, Remcos campaign is back via shipping documents
The email tar attachment contains an exe, the malware itself: a RAT with different capabilities.
Cybercrime, new Remcos campaign via purchase orders
The email cab attachment contains an exe: the malware itself. This is a RAT with several capabilities.
Cybercrime, JsOutProx is evolving and started targeting western financial organizations
Yoroi cybersecurity experts: The malware (aka TH-264) has improved protection mechanisms and can operate as a silent info stealer or run offensive plugins.
Cybercrime, false payment receipt carries NanoCore
The email compressed file in gz format contains an executable: the malware itself. If opened, it activates the infection chain.
Cyber Espionage, new variant of Konni malware has been used to target Russia
Malwarebytes cybersecurity experts: It is been potentially linked to the North Korean’s APT37. The malware is distributed via spear phishing with 2 weaponized documents.