Found 15 bookmarks
Custom sorting
Analysis of the Phishing Campaign: Behind the Incident
Analysis of the Phishing Campaign: Behind the Incident
See the results of our investigation into the phishing campaign encountered by our company and get information to defend against it.  Here are some key findings: We found around 72 phishing domains pretending to be real or fake companies. These domains created believable websites that tricked people into sharing their login details. The attack was sophisticated, using advanced techniques like direct human interaction to deceive targets. We analyzed several fake websites and reverse-engineered their web-facing application. At the end of the post, you will find a list of IOCs that can be used for improving your organization’s security.
#any.run#EN#2024#incident#phishing#spear-phishing#IoCs
·any.run·
Analysis of the Phishing Campaign: Behind the Incident
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to spread an InfoStealer malware written in .NET through an infection chain that involves Windows Shortcut (LNK) files and Batch Scripts (BAT). Taking into account the used TTPs and extracted evidence, the attacks seem perpetrated by the same adversary (internally named AUI001).
#cluster25#EN#2022#infostealer#Italy#phishing#Campaigns#analysis#Alibaba2044#IoCs
·blog.cluster25.duskrise.com·
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
Analysts at the Cofense Phishing Defense Center (PDC) have recently analyzed an email asking users to download a “Proof of Payment” as well as other documents. While it is important to never click on the link(s) or download the attachment(s) of any suspicious email, if the recipient interacts with the link, it downloaded the malware Lampion.
#cofense#EN#2022#Phishing#Lampion#malware#IoCs
·cofense.com·
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
Cluster25 researchers analyzed several campaigns (also publicly reported by CERT-AGID) that used phishing emails to spread an InfoStealer malware written in .NET through an infection chain that involves Windows Shortcut (LNK) files and Batch Scripts (BAT). Taking into account the used TTPs and extracted evidence, the attacks seem perpetrated by the same adversary (internally named AUI001).
#cluster25#EN#2022#infostealer#Italy#phishing#Campaigns#analysis#Alibaba2044#IoCs
·blog.cluster25.duskrise.com·
An infostealer comes to town: Dissecting a highly evasive malware targeting Italy
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
Analysts at the Cofense Phishing Defense Center (PDC) have recently analyzed an email asking users to download a “Proof of Payment” as well as other documents. While it is important to never click on the link(s) or download the attachment(s) of any suspicious email, if the recipient interacts with the link, it downloaded the malware Lampion.
#cofense#EN#2022#Phishing#Lampion#malware#IoCs
·cofense.com·
Lampion Trojan Utilizes New Delivery through Cloud-Based Sharing
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
BRATA is evolving into an Advanced Persistent Threat
Here we go with another episode about our (not so) old friend, BRATA. In almost one year, threat actors (TAs) have further improved the capabilities of this malware. In our previous blog post [1] we defined three main BRATA variants, which appeared during two different waves detected by our telemetries at the very end of 2021. However, during the last months we have observed a change in the attack pattern commonly used.
#cleafy#2022#EN#malware#BRATA#APT#phishing#analysis#IOCs#banker
·cleafy.com·
BRATA is evolving into an Advanced Persistent Threat