ThreatsHub.org
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content. Read More HERE…
Read more
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection. Read More HERE…
Read more
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. Read More HERE…
Read more
We observed BazarLoader adding two new arrival mechanisms to their current roster of malware delivery techniques. Read More HERE…
Read more
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell. Read More HERE…
Read more
We analyzed five major types of email channels, and the techniques in keywords and domain names BEC actors use to appear legitimate to potential victims. Read More HERE…
Read more
In 2019, we wrote a blog entry about a threat actor, known as APT-C-36 or Blind Eagle, targeting entities in Colombia and other South American countries with spam emails. We have continued tracking this threat actor and share our new findings about APT-C-36’s ongoing spam campaign during that monitoring phase. Read More HERE…
Read more
Just before the opening of the Tokyo Olympics, we confirmed an attack that directed users from a fake TV broadcast schedule page to browser notification spam. Read More HERE…
Read more