formbook (5)

12754735493?profile=RESIZE_400xCybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT.  Some of the other regions targeted by the campaigns include Italy and Romania.  Attackers used previously compromised email accounts and company servers, not only to spread malicious emails but also to host malware and collect stolen data.

See:  https:/

10756525283?profile=RESIZE_400xThe US Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have picked 11 malware families as their top threats.    The list comprises malware that has evolved over the past ten years as banking trojans, remote access trojans, information stealers, and ransomware delivery tools.

The agencies listed the top malware strains of 2022:

  • Agent Tesla (information stealer)
  • AZORult (information stealer)
  • Formbook (information stealer)
  • Ursnif (banking Tro

10575761875?profile=RESIZE_400xRed Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

10202124065?profile=RESIZE_400xActivity Summary - Week Ending on 11 March 2022:

  • Red Sky Alliance identified 20,047 connections from new IP’s checking in with our Sinkholes
  • Malicious Keylogger data is back with 22 Keylogged emails
  • Analysts identified 3,431 new IP addresses participating in various Botnets
  • Remote Utilities Software
  • Stone Panda
  • Slug & the Daxin Backdoor
  • Mitre ATT&CK - Sightings Ecosystem
  • Nvidia Attack
  • DDoS Annoyance?
  • Oil & Gas Saudi Arabia - Formbook Malware
  • DarkNet City

 

Full report: IR-22-070-001_weekly070.

8801927301?profile=RESIZE_400xActivity Summary - Week Ending 16 April 2021:

  • Red Sky Alliance observed 58 new unique email accounts compromised with Keyloggers
  • Analysts identified 30,373 connections from new unique IP addresses
  • 3,512 new IP addresses participating in various Botnets were Observed
  • Security Researcher under Attack
  • CISA’s New Tool – Aviary
  • FormBook Malware
  • State Sponsored APT
  • Lazarus and Vyvera
  • TiT-for-TaT is Never Good
  • Myanmar and Taiwan Protests

Link to full report: IR-21-106-001_weekly_106.pdf