Emotet Trojan — 23 September 2020
Emotet malspam wave of 23 September 2020: three distinct delivery patterns, document macro chain, payload deployment and host-level indicators.
Blog · research & analysis
Emotet malware campaign (banking Trojan) that targeted Italian users returning from the summer holidays. Info on the Emotet malware: “While Emotet historically was a banking malware organized in a botnet, nowadays Emotet is mostly seen as infrastructure as a service for content delivery. For example, since mid 2018 it is used by Trickbot for …”
Cyber attack patterns during pandemic lockdowns: COVID-themed lures, remote-work exposure, VPN brute-forcing trends and shifting targeting priorities.
Five practical guidelines to reduce exposure to email-borne threats: phishing, attachment macros, sender spoofing, MFA and user awareness — what works and what does not.
Antivirus evasion techniques in red-team operations: payload encoding, signature avoidance, behavioural-detection bypass and corresponding defensive lessons.
Armitage in offensive security operations: post-exploitation workflows, Metasploit collaboration, lateral movement and defensive lessons for SOC teams.
CVE-2020-0601 (CurveBall): Microsoft Windows certificate validation vulnerability, exploitation primitives, NSA disclosure and remediation steps.
Critical Citrix ADC/NetScaler vulnerability: exploitation primitives, exposure metrics on Italian perimeters and remediation steps for affected appliances.
Phishing campaigns observed during January 2019: lure templates, payload delivery and indicators across waves targeting Italian organisations.