 
                                TG Soft
@viritexplorer
Italian Software House active in antimalware research and antivirus development since 1992. VirIT eXplorer is the name of our antivirus suite.
ID: 275048774
https://www.tgsoft.it 31-03-2011 14:45:40
2,2K Tweet
2,2K Followers
1,1K Following
 
        #Italy Weekly malspam n.25 from 19 to 25 Jun 2023 We have analyzed 51 campaigns, 6 in Italian 🔥 #AgentTesla #FormBook #SnakeLogger #Ave_Maria #Ursnif hits Italy again with theme Pagamenti Total family 8 tgsoft.it/news/news_arch… moto_sato sugimu🐞 JAMESWT_MHT Breabin Radu
 
        #Italy Weekly malspam n.26 from 26 Jun to 2 Jul 2023 We have analyzed 51 campaigns, 15 in Italian 🔥 #AgentTesla #FormBook #LokiBot #Rhadamanthys New entry RAT spread via PEC Total family 10 moto_sato JAMESWT_MHT sugimu🐞 Breabin Radu Michele tgsoft.it/news/news_arch…
 
         
         
        A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. thehackernews.com/2024/07/china-… The Hacker News
 
        TG Soft has been monitoring the abuse of MSC files by a Chinese APT that exploited a new diskless shellcode that downloads the Marte Beacon with Cobalt Strike tgsoft.it/news/news_arch… moto_sato nao_sec AhnLab Security Information Elastic Security Labs StrikeReady Labs Joe Desimone
 
         
        Interesting #CobaltStrike from "apt-99" with C2:
pythongo[.]online
LNK -> Silverlight.exe (sideloading coreclr.dll) -> bin.dat -> CS
C:\Users\admin\Desktop\Project\cs4.5(apt-99)\cs4.5 2\external\beacon\Release\beacon.pdb
moto_sato StrikeReady Labs
![TG Soft (@viritexplorer) on Twitter photo](https://pbs.twimg.com/media/GWtC4khWUAcB4jF.png)