pikabot (2)

12389946898?profile=RESIZE_400xThe infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of a new phishing campaign observed in February 2024. The enterprise security firm Proofpoint reported that the activity targets organizations in the US with voicemail-themed lures containing links to OneDrive URLs.  "The URLs led to a Word file with names such as "ReleaseEvans#96.docm" (the digits before the file extension varied)," the company said in a recent report.  "Th

12336868687?profile=RESIZE_400xThe malware loader PikaBot is being distributed as part of a malvertising campaign targeting users searching for legitimate software like AnyDesk.  PikaBot was previously only distributed via malspam campaigns, similar to QakBot, and emerged as one of the preferred payloads for a threat actor known as TA577.  The malware family, which first appeared in early 2023, consists of a loader and a core module that allows it to operate as a backdoor and a distributor for other payloads.

See:  https://re