Cybercrime, Quakbot exploits U.K. STEEL EXPORTS LIMITED company certificates
New signed campaign to trick victims’ antivirus, allowing them to download and install the malware via attachment.
Cybercrime, new Dridex campaign via fake Quickbooks invoice
The email xls attachment contacts a random url from an internal list and downloads the dll, which starts the malware infection.
Cybercrime, PARTYNET LIMITED company certificates exploited by Quakbot
New signed campaign to trick victims’ antivirus, allowing them to download and install the malware via attachment.
Cybercrime, new Ursnif/Gozi campaign in Italy via false BRT invoice
The email xlsm attachment contacts single url from which it downloads the dll, which starts malware infection. But only from Italian IPs and if they are not blacklisted.
Cybercrime, Walmart themed Dridex global campaign
The email xlsm attachment contacts a url from an internal list and downloads the dll, starting the malware infection.
Cybercrime, Dridex is back with a Quickbooks global campaign
Bitdefender cybersecurity experts: More than half of the phishing emails, sent to spread the malware, originate from IP addresses in Italy.
Cybercrime: here it is ToxicEye, a new malware exploiting Telegram
Check Point cybersecurity experts: The RAT is managed over the platform, communicating with the attacker’s C&C server and exfiltrating data to it.
Cybercrime, new Ursnif / Gozi campaign in Italy with IcedID template
The attack is part of the TA551 (Shathak) offensive. The doc file in the email zip attachment contacts a url to download the dll and start malware infection.
Cybercrime, the Dridex campaign via Quickbooks is back
The xls attachment of the mail, also arrived in Italy, randomly contacts a link from an internal list and downloads the dll, starting the malware infection.
Cybercrime, Ursnif / Gozi campaign in Italy via fake Findomestic email
The xlsb attachment contacts a single url from which it downloads the dll, starting the infection of the malware. But only if the IP is Italian.