Pierluigi Paganini
July 13, 2022
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations Microsoft observed a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack a user’s sign-in session, and bypass the authentication process even when the victim has enabled the MFA. In AiTM phishing, threat actors set up a proxy […]
Pierluigi Paganini
July 11, 2022
A large-scale phishing campaign leveraging the Anubis Network is targeting Brazil and Portugal since March 2022. A large-scale phishing campaign is targeting Internet-end users in Brazil and Portugal since March 2022. Anubis Network is a C2 portal developed to control fake portals and aims to steal credentials to fully access the real systems. This C2 […]
Pierluigi Paganini
July 05, 2022
The Cyber Police of Ukraine arrested nine members of a cybercriminal gang that has stolen 100 million hryvnias via phishing attacks. The Cyber Police of Ukraine arrested nine members of a cybercriminal organization that stole 100 million hryvnias via phishing attacks. The crooks created more than 400 phishing sites for obtaining the banking data of […]
Pierluigi Paganini
July 04, 2022
The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is supported by a […]
Pierluigi Paganini
June 21, 2022
Experts identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonate various services […]
Pierluigi Paganini
May 15, 2022
Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign conducted by Armageddon APT using GammaLoad.PS1_v2 malware. Ukraine Computer Emergency Response Team (CERT-UA) reported a phishing campaign using messages with subject “On revenge in Kherson!” and containing the “Plan Kherson.htm” attachment. The HTM-file will decode and create an archive named “Herson.rar”, which contains a file-shortcut […]
Pierluigi Paganini
May 10, 2022
The Resecurity HUNTER unit identified a new underground service called ‘Frappo’, which is available on the Dark Web. “Frappo” acts as a Phishing-as-a-Service and enables cybercriminals the ability to host and generate high-quality phishing pages which impersonate major online banking, e-commerce, popular retailers, and online-services to steal customer data. The platform has been built by […]
Pierluigi Paganini
March 08, 2022
Ukraine’s CERT-UA warned citizens of new phishing attacks launched through compromised email accounts belonging to Indian entities. Ukraine’s Computer Emergency Response Team (CERT-UA) is warning of new phishing attacks targeting Ukrainian citizens through compromised email accounts belonging to three different Indian entities. The attacks were aimed at stealing sensitive information from compromised accounts. The malicious […]
Pierluigi Paganini
February 22, 2022
The Ukrainian police arrested a gang specialized in the sale of stolen payment card data through phishing attacks. The cybercrime unit of the Ukrainian police has arrested a group of cybercriminals who managed to steal payment card data from at least 70,000 people by setting up mobile fake top-up services. The police arrested five that created and […]
Pierluigi Paganini
February 21, 2022
The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from October to December, Q4, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is based on automatic searches and is also supported […]
