remcos (5)

Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT.  Some of the other regions targeted by the campaigns include Italy and Romania.  Attackers used previously compromised email accounts and company servers, not only to spread malicious emails but also to host malware and collect stolen data.

See:  https:/

In 2023, FortiGuard Labs uncovered the 8220 Gang’s utilization of ScrubCrypt to launch attacks targeting exploitable Oracle WebLogic Servers.  ScrubCrypt has been described as an “antivirus evasion tool” that converts executables into undetectable batch files.  It offers several options to manipulate malware, making it more challenging for antivirus products to detect.  Analysts recently discovered a threat actor distributing a phishing email containing malicious Scalable Vector Graphics (SVG) f

April 18th was Tax Day in the US.  Did you file your taxes?  If not, you can always get an extension.  Either way, taxpayers in the US need to heed the warning from Microsoft security investigators.  Microsoft is warning of a new Remcos Remote Access Trojan (RAT) campaign targeting accounting and tax return preparation firms in the US.  Tax season in the US has long represented an opportunity for cybercriminals to target unsuspecting victims in various types of malicious attacks, including malw

Activity Summary - Week Ending on 2 December 2022:

  • Red Sky Alliance identified 30,052 connections from new IPs checking in with our Sinkholes
  • Microsoft in Singapore hit 111x
  • Nivdort Malware Variant moves up in Collections
  • Analysts identified 1,256 new IP addresses participating in various Botnets
  • Tridas eWriter
  • Remcos
  • NY Suffolk County Hit
  • German Festo and CODESYS
  • Guadeloupe
  • UK Cyber Regulation

Link to full report: IR-22-336-001_weekly336.pdf