Cybercrime, AveMaria is hiding in an email from a Dubai company
The email lzh attachment, also arrived in Italy, hides an executable: the malware itself.
Cybercrime, false job application spreads NanoCore
The alleged curriculum attached in the email is compressed in rar format. Inside, however, there is an exe file: the malware itself.
Cybercrime, new Nanocore campaign via fake bank payment
The Ace email attachment contains an exe. This is the malware itself.
Cyber Espionage, Snip3 is a new malware exploited to target aerospace and travel sectors
Microsoft cybersecurity experts: It then delivers RevengeRAT or AsyncRAT for data theft, and payloads as Agent Tesla to exfliltrate it.
Cybercrime: here it is ToxicEye, a new malware exploiting Telegram
Check Point cybersecurity experts: The RAT is managed over the platform, communicating with the attacker’s C&C server and exfiltrating data to it.
Cyber Espionage, Muddy Water targets UAE and Kuwait with ScreenConnect
Anomali cybersecurity experts: Iran’s APT exploits 2 lures: a report on relations between Arab countries and Israel, or a file on scholarships.
Cybercrime, FIN7 and RYUK groups are cooperating
Truesec cybersecurity experts: Maybe the first one sold its TTPs to the ransomware gang, probably they are closely affiliated and may be part of the same network.
Cybercrime: here it comes Ghimob, last mobile banking trojan
Kaspersky cybersecurity experts: The malware, designed by Guildma, abuses Accessibility Mode and exploits email to spread.
Cybercrime, AsyncRat campaign passes from a real company in India
The bait is the usual invoice, theoretically contained in the compressed attachment. Inside there is an exe file which, when opened, triggers the infection of the malware.
Cybercrime, WHS Rat is spread with SlimPDF reader
The lure is a fake CV attached in a mail. If the victim opens it, it asks to install the reader. Meanwhile Meanwhile, a JS activates the malware infection chain.