Italian IoT devices abused for cyber attacks
Italian IoT devices conscripted into botnets and used as launch pads for cyber attacks: device profiles, exposure metrics and remediation considerations.
Category
Emerging Threats
Read the analysis
Ursnif Malware — behaviour and removal
Ursnif (Gozi/ISFB) banking trojan: persistence mechanisms, web-injection capabilities, command-and-control patterns and remediation steps for infected hosts.
Ursnif — attacks in Italy
Ursnif campaigns aimed at Italian organisations: phishing lures in Italian, payload delivery patterns and C2 hosting trends observed across multiple waves.
FortPot — attacks from the network
Insights from FortPot honeynet sensors: scanning waves, exploitation attempts on exposed services, automated brute-force trends and ASN-level intelligence.
Indicators of Compromise — 4 September 2018
Indicators of Compromise from August-September 2018 banking-malware campaigns (Emotet, TrickBot) targeting Italian infrastructures.
Malware campaign — Neutrino infections
Neutrino exploit-kit campaign: redirect chains, vulnerable plugins exploited, payload delivery and indicators observed during detection on Italian infrastructures.
Necurs Botnet & Banking Trojans
The Cisco Talos Team shared their analysis of the latest Malspam wave distributed by the Necurs Botnet (link). Necurs is among the most active botnets globally, capable of generating massive volumes of spam. The malicious emails delivered by this campaign carry Ransomware and Banking Trojans — specifically Ursnif, Panda Banker, and Emotet. Opening the malicious … Read more
