Fortgale Blog » Phishing - Attacchi Gennaio 2019

Published 25/01/2019

Fortgale negli ultimi giorni ha rilevato una ondata di attacchi informatici nei confronti di diverse società italiane.

Gli attaccanti utilizzano un allegato malevolo per dirottare l’utente su siti contenenti malware o pagine di phishing. Rappresentando la prima fase di una più seria compromissione dei sistemi di una azienda.

Il corpo della mail non contiene molte informazioni e in allegato è presente un file PDF .

Il PDF contiene un link ad un sito malevolo che induce l’utente al download di malware o all’inserimento delle credenziali:

phishing

In February 2026, the Fortgale Incident Response team investigated a multi-stage intrusion attributed to Mora_001, a Russian-origin threat actor exploiting Fortinet vulnerabilities. The campaign, internally dubbed "FortiSync Quasar," revealed an evolution from ransomware operations to strategic espionage, deploying Matanbuchus 3.0, Astarion RAT, and SystemBC. Rapid containment prevented any data exfiltration.

Espionage Forescout Fortgale fortinet matanbuchus mora_001 ransomware report SentinelOne storming tide

Learn more

Defence

January 24, 2026

Protected: Investment-Targeted Phishing: How Phishing Kit Fuels Espionage in Funding Rounds

There is no excerpt because this is a protected post.

phishing pishsurf rockstar rockstar 2fa

Learn more

Cookie	Duration	Description
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Phishing – Attacchi Gennaio 2019

Related articles

Protected: Matanbuchus – Malware Analysis

Operation Storming Tide: A massive multi-stage intrusion campaign

Protected: Investment-Targeted Phishing: How Phishing Kit Fuels Espionage in Funding Rounds

Phishing – Attacchi Gennaio 2019

Related articles

Protected: Matanbuchus – Malware Analysis

Operation Storming Tide: A massive multi-stage intrusion campaign

Protected: Investment-Targeted Phishing: How Phishing Kit Fuels Espionage in Funding Rounds

Cookie & Privacy