Russia-linked threat actor FlyingYeti is targeting Ukraine with a phishing campaign to deliver the PowerShell malware COOKBOX. Cloudflare researchers discovered phishing campaign conducted by a Russia-linked threat actor FlyingYeti (aka UAC-0149) targeting Ukraine. The experts published a report to describe real-time effort to disrupt and delay this threat activity. At the beginning of Russia’s invasion of Ukraine […]
Researchers discovered a sophisticated multi-stage attack that leverages ScrubCrypt to drop VenomRAT along with many malicious plugins. Fortinet researchers observed a threat actor sending out a phishing email containing malicious Scalable Vector Graphics (SVG) files. The email is crafted to trick recipients into clicking on an attachment, which downloads a ZIP file containing a Batch […]
Researchers at AppRiver uncovered a very trivial phishing campaign targeting the streaming service Spotify, anyway, it is important to share info about it. Security researchers at AppRiver uncovered a phishing campaign targeting the popular streaming service Spotify. The phishing campaign was discovered earlier November, attackers used convincing emails to trick Spotify users into providing their account credentials. The messages include a […]
Experts from Proofpoint discovered a new phishing campaign designed to steal banking data leveraging tactics associated with malware distribution. Security experts from Proofpoint have discovered a new phishing campaign that presents many similarities with campaigns used to spread the Cerber ransomware and the Ursnif banking Trojan. Cyber criminals adopted a technique that leverages on the distribution […]
Security researchers discovered a new phishing campaign leveraging Punycode and a bug in Office 365 defense systems to deceive victims. Office 365 business email users continue to be the target of phishing campaigns, a new wave of attacks was leveraging Punycode to avoid detection of Microsoft’s default security and desktop email filters. Punycode is a method added […]
Security experts at FireEye have uncovered an ongoing phishing campaign leveraging Dropbox account linked to “admin@338” as Command and Control platform. Experts at FireEye have discovered an ongoing phishing campaign using a Dropbox account linked to “admin@338” as the delivery platform. The account ” admin@338 ” was also used in the past to deliver malware, but […]
The Anonymous collective continues the wave of cyber attacks against the Expo 2015 Universal Exposition, the last victim in order of time is the Best Union. Anonymous Italy continues to target the Expo 2015 Universal Exposition being hosted in Milan with a series of attacks under the Operation Italy (#OpItaly). The collective of hackers it targeting […]
Experts at Proofpoint uncovered a pharming attack that uses phishing to exploit router vulnerabilities and carry out malicious activities. Security firm Proofpoint revealed that its experts recently detected a spam campaign targeting organizations and primarily Brazilian Internet users. The spam campaign implements a very effective technique to spy on a victim’s Web traffic. The particularity of this […]