#TA544 back using #Remcos after using #SystemBC briefly last week. Unique page, link URLs redir to .url file with file://.zip/.vhd SMB target abusing CVE-2023-36025 so it will mount the VHD by just opening the .URL. Exe using #DOILoader #IDATLoader w. local payload. cc Will Dormann
Innovation in cyber intrusions: the evolution of TA544 yoroi.company/en/research/in… #pentesting #cybersecurity #Infosec
TA544, aka Bamboo Spider or Zeus Panda, spreads WailingCrab via delivery-themed emails. This sophisticated malware infiltrates systems, prioritizing stealth to resist analysis efforts. Learn more about this threat in our #ThreatAdvisoryTuesday report. okt.to/E3otsY
#Hacking #Ursnif #Malware #Vulnerability #Cyberespionage #CyberCrime #CyberAttack #CyberSecurity
TA544 group behind a spike in Ursnif malware campaigns targeting Italy.
proofpoint.com/us/blog/securi…
Too in #italy #WikiLoader - #TA544 #quickbooks
'Invoice Reminder: Your payment to Allen&Overy LLP '
EML>PDF>url>zip>js>js>dll
⚠️zip Url
https[:]//infplaute[.]com/international-commercial
❇️Samples
bazaar.abuse.ch/browse/tag/Wik…
☢️ #TA544 #phishing #Italy 🇮🇹
Subject: Emissione bolletta PEC
xls: 109d15a7d33e671ded911d97bc4a15ab
url (503): dooxil[.]com
Enel Energia Clienti Enel Group
TA544, aka Bamboo Spider or Zeus Panda, spreads WailingCrab via delivery-themed emails. This sophisticated malware infiltrates systems, prioritizing stealth to resist analysis efforts. Learn more about this threat in our #ThreatAdvisoryTuesday report. okt.to/PjNphF
HijackLoader Evolves: Researchers Decode the Latest Evasion Methods
sibermuhbir.com/haber/hijacklo…
#hijackloader #sibertehdit #cyberthreat #guvenlik #security #endpoint #vulnerability #sibermuhbir #crowdstrike #ta544 #idatloader