Apr 10, 2024 | Newsroom | Cyber Crime / Malvertising: Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script Files (WSFs) since March 2024. “Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its distributors have experimented with other initial infection vectors,” HP […]
Recently, we observed a phishing campaign targeting the Latin American region. The phishing email contained a ZIP file attachment that, when extracted, reveals an HTML file that leads to a malicious file download posing as an invoice. [Figure 1. Phishing email sample with ZIP file attachment] Upon checking the email header, we see that […]
A recent analysis by Cyble has revealed a concerning escalation in the fake e-shop campaign, signaling a looming threat to banking security across various regions. Initially focused on Malaysian banks, this e-shop phishing campaign has now extended its reach to financial institutions in Vietnam and Myanmar. What sets this phishing campaign apart from others on […]
Apr 08, 2024 | Newsroom | Cybersecurity / Malvertising: A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. “The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice,” Trustwave SpiderLabs researcher Karla […]
Mar 27, 2024 | Newsroom | Vulnerability / Cybercrime: A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to […]
Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. “The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom Python […]
Critical Infrastructure Security, Cybercrime, Endpoint Security | New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RAT | Prajeet Nair (@prajeetspeaks) • March 13, 2024 | Threat actors are hiding malware in SVG image files to evade detection and deliver ransomware, download a banking Trojan and distribute malware. […]
Mar 14, 2024 | Newsroom | Malware / Cyber Attack: A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting […]
A malicious campaign has been observed exploiting the blockchain-based Meson service for illicit gains ahead of the crypto token unlock planned for March 15. The campaign, discovered by the Sysdig Threat Research Team (TRT), saw an attacker swiftly create 6000 Meson Network nodes using a compromised cloud account, setting off alarms for multiple AWS users […]