agent tesla (9)

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT.  Some of the other regions targeted by the campaigns include Italy and Romania.  Attackers used previously compromised email accounts and company servers, not only to spread malicious emails but also to host malware and collect stolen data.

See:  https:/

Our friends at FortiGuard Labs recently captured a new phishing campaign that demonstrates the spread of a new Agent Tesla variant, specifically targeting Spanish-speaking people.  Agent Tesla is a well-known .NET-based Remote Access Trojan (RAT) designed to stealthily infiltrate victims' computers and steal their sensitive information, such as their computer’s hardware information, login user information, keystrokes, email contacts, web browser cookie files, system clipboard data, screensho

Research from Cofense has found that user credentials are being targeted by hackers and scammers on a scale never seen before.  Indicators of compromise (IoC), digital evidence of a cyber attack, for credential phishing have increased in Q3 by close to 45% over Q2, the company's report found.

Compared to the Q3 period of 2022, IoCs of credential phishing are up 85% with PDFs being the most common malicious file extension attached to a phishing email.

Do not take the bai

Fortinet researchers recently found some malicious Microsoft Office documents that attempted to leverage legitimate websites, MediaFire and Blogger, to execute a shell script and then dropped two malware variants of Agent Tesla and njRat.  Agent Tesla is a well-known spyware, first discovered in 2014, which can steal personal data from web browsers, mail clients, and FTP servers, collect screenshots and videos, and capture clipboard data.  njRat (also known as Bladabindi) is a remote agent Troja

The US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have picked 11 malware families as their top threats.  The list comprises malware that has evolved over the past ten years as banking trojans, remote access trojans, information stealers, and ransomware delivery tools.

The agencies listed the top malware strains of 2022:

  • Agent Tesla (information stealer)
  • AZORult (information stealer)
  • Formbook (information stealer)
  • Ursnif (banking Tro

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associat

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Red Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

Since the beginning of phishing, fraudulent invoicing and purchasing schemes have been one of the most common lures, because they make money.  The usual modus operandi involves appealing to the recipient’s desire to avoid incurring a debt, especially where a business may be involved.  Researchers recently came across an interesting phishing e-mail masquerading as a purchase order addressed to a Ukrainian manufacturing organization that deals with raw materials and chemicals.  The e-mail containe