spam

Pierluigi Paganini June 26, 2019
Malspam campaign spreads LokiBot & NanoCore via ISO image files

Experts from security firm Netskope observed variants of LokiBot and NanoCore malware distributed in ISO Image through malspam campaign. Security firm Netskope observed a new malspam campaign delivering variants of LokiBot and NanoCore malware in ISO image file attachments. “Netskope Threat Research Labs has been tracking multiple similar malspam campaigns that began in  April 2019. […]

Pierluigi Paganini June 10, 2019
Microsoft warns of spam campaign exploiting CVE-2017-11882 flaw

Microsoft is warning of an active spam campaign targeting European languages that leverages an exploit to infect simply by opening the attachment. Microsoft issued a warning on Friday about an ongoing spam campaign that is targeting European users. Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, […]

Pierluigi Paganini May 05, 2019
Ukrainian national Oleksii Petrovich Ivanov extradited to US facing hacking charges

International ‘Malvertiser’ Oleksii Petrovich Ivanov extradited from the Netherlands to face hacking charges in New Jersey The Ukrainian national Oleksii Petrovich Ivanov (31) was extradited to the U.S. from the Netherlands and is facing charges of conspiracy to commit wire fraud, wire fraud, and computer fraud. The man is suspected to have carried out malvertising […]

Pierluigi Paganini April 29, 2019
New Emotet variant uses connected devices as proxy C2 servers

Researchers at Trend Micro have uncovered a malware campaign distributing a new Emotet Trojan variant that compromises devices and uses them as Proxy C2 servers. Trend Micro discovered a new variant of the Emotet Trojan that is able to infect devices and use them as proxy command-and-control servers. The new variant also employs random URI […]

Pierluigi Paganini April 17, 2019
A new variant of HawkEye stealer emerges in the threat landscape

A new variant of the HawkEye data stealer emerges in the threat landscape as part of ongoing malware distribution campaigns. New malware campaigns leveraging a new variant of the HawkEye data stealer have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for […]

Pierluigi Paganini March 29, 2019
Malware researchers decrypted the Qrypter Payload

Malware researchers at Cybaze-Yoroi ZLAB team dissected a new sample of Qrypter malware that revealed an interesting evolution of the threat. Introduction During the last weeks, Yoroi’s monitoring operation intercepted some malicious emails required further attention: they were sent to a very few organizations and the content was specifically tailored for Italian speaking targets. This […]

Pierluigi Paganini March 17, 2019
Experts uncovered a malspam campaign using Boeing 737 Max crashes

Experts at the 360 Threat Intelligence Center uncovered a new malspam campaign that leverages the tragic Boeing 737 Max crash to spread malware. Crooks always attempt to exploit the attention of the people on the events that made the headlines. In the last days, two events captured the attention of the media, the New Zealand […]

Pierluigi Paganini February 26, 2019
Malware spam campaign exploits WinRAR flaw to deliver Backdoor

Experts discovered a malspam campaign that is distributing a malicious RAR archive that could exploit the WinRAR flaw to install deliver malware on a computer. A few days ago, security experts at CheckPoint software have disclosed a critical 19-year-old vulnerability in the WinRAR that could be exploited by attackers to gain full control over a […]

Pierluigi Paganini February 16, 2019
Astaroth Trojan relies on legitimate os and antivirus processes to steal data

A new Astaroth Trojan campaign was spotted by the Cybereason’s Nocturnus team, hackers are targeting Brazil and European countries. Researchers at Cybereason’s Nocturnus team have uncovered a new Astaroth Trojan campaign that is currently exploiting the Avast antivirus and security software developed by GAS Tecnologia to steal information and drop malicious modules. “The campaign exploits legitimate operating system processes […]

Pierluigi Paganini January 24, 2019
New Russian Language Malspam is delivering Redaman Banking Malware

A still ongoing spam campaign that has been active during the last months has been distributing the Redaman banking malware. Experts at Palo Alto Networks continue to monitor an ongoing spam campaign that has been distributing the Redaman banking malware. The malware was first observed in the threat landscape in 2015, most of the victims […]