ARC Labs recently analyzed a phishing email used in a credential harvesting campaign that leveraged a lure notifying the target they received a voice message and needed to visit a link to access it. Analysis of the payload revealed heavily obfuscated HTML data which executed JavaScript code embedded within an SVG image when the page […]
Recently, we observed a phishing campaign targeting the Latin American region. The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice. Figure 1. Phishing email sample with zip file attachment Upon checking the email header, we see that […]
Mar 25, 2024NewsroomCyber Espionage / Email Security The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the week […]
The VCURMS RAT uses a Proton Mail email address for communicating with a command-and-control server and can extract and execute commands from specific subject lines in emails.
U.S. prosecutors secured another conviction this week in a business email compromise (BEC) scheme that dates back to 2017. Nigerian national Henry Onyedikachi Echefu, 32, pleaded guilty Monday to conspiracy to commit wire fraud and conspiracy to commit money laundering, the Department of Justice (DOJ) said. Echefu was in South Africa at the time of […]
Email Security & Protection , Fraud Management & Cybercrime , Governance & Risk Management Joint Hornetsecurity-Vade Will Have More Geographic Reach, Microsoft 365 Protection Michael Novinson (MichaelNovinson) • March 5, 2024 Georges Lotigier, CEO, Vade (Image: Vade) Hornetsecurity purchased French email security vendor Vade to expand its geographic footprint and protection capabilities around […]
Email Security & Protection , Fraud Management & Cybercrime , Governance & Risk Management Joint Hornetsecurity-Vade Will Have More Geographic Reach, Microsoft 365 Protection Michael Novinson (MichaelNovinson) • March 5, 2024 Georges Lotigier, CEO, Vade (Image: Vade) Hornetsecurity purchased French email security vendor Vade to expand its geographic footprint and protection capabilities around […]
Today, we are going to look at one of the similar campaigns which is delivered via email as a PDF attachment and ends up downloading a RAT leaving the system infected. The email here is an example of scamming and brand impersonation where sender is seeking a refund of a reservation made at Booking.com and […]
Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe. “The infection chains associated with these malware families feature the use of malicious […]