LockBit affiliate uses Amadey Bot malware to deploy ransomware

A LockBit 3.0 ransomware affiliate is using phishing emails that install the Amadey Bot to take control of a device and encrypt devices. According to a new AhnLab report, the threat actor targets companies using phishing emails with lures pretending Read More …

Massive Phishing Campaigns Target India Banks’ Clients

Trend Micro researchers observed an uptick in attacks targeting bank customers in India, the common entry point being a text message with a phishing link. The SMS content urges the victims to open the embedded phishing link or malicious app Read More …

Robin Banks phishing service returns to steal banking accounts

The Robin Banks phishing-as-a-service (PhaaS) platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service (DDoS) attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the Read More …

Emotet botnet starts blasting malware again after 5 month break

The Emotet malware operation is again spamming malicious emails after almost a five-month “vacation” that saw little activity from the notorious cybercrime operation. Emotet is a malware infection distributed through phishing campaigns containing malicious Excel or Word documents. When users Read More …

CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication

CISA has released two fact sheets to highlight threats against accounts and systems using certain forms of multifactor authentication (MFA). CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber threats. If an Read More …

New PHP information-stealing malware targets Facebook accounts

A new Ducktail phishing campaign is spreading a never-before-seen Windows information-stealing malware written in PHP used to steal Facebook accounts, browser data, and cryptocurrency wallets. Ducktail phishing campaigns were first revealed by researchers from WithSecure in July 2022, who linked Read More …