Microsoft OneNote Used To Sidestep Phishing Detection
A recent phishing campaign used OneNote to distribute the Agent Tesla keylogger.
Agent Tesla appeared on the malware scene in 2014 as a simple keylogger. We’ve seen this malware expand capabilities over the years, making it still one of the more popular types of malware distributed in phishing attacks. In this episode we spea… Continue reading Phish Fryday – Agent Tesla
Agent Tesla and LokiBot are common payloads in the botnet-driven spam effort. Continue reading Advanced Obfuscation Marks Widespread Info-Stealing Campaign
I published the following diary on isc.sans.edu: “Agent Tesla Trojan Abusing Corporate Email Accounts”: The trojan ‘Agent Tesla’ is not brand new, discovered in 2018, it is written in VisualBasic and has plenty of interesting features. Just have a look at the MITRE ATT&CK overview of its TTP. I found a
[The post [SANS ISC] Agent Tesla Trojan Abusing Corporate Email Accounts has been first published on /dev/random]
Continue reading [SANS ISC] Agent Tesla Trojan Abusing Corporate Email Accounts
Written by Toby Gray and Ratnesh Pandey. Endpoint detection and response (EDR) tools rely on operating system events to detect malicious activity that is generated when malware is run. These events are later correlated and analysed to detect anomalous… Continue reading Agent Tesla: Evading EDR by Removing API Hooks
We are still seeing continuous AgentTesla keylogger / Info-Stealer campaigns hitting the UK. We still aren’t seeing a lot of other malware at the moment. I have received about 20 different versions over the last week that have all been nothing spe… Continue reading More AgentTesla keylogger info-stealer campaigns hitting UK
We are still not seeing massive amounts of malware currently hitting the UK. We are still seeing the commodity malware like AgentTesla keylogger / info stealer, Nanocore RAT and Hawkeye Keylogger on a very regular basis. Today’s example of an Age… Continue reading AgentTesla Keylogger and Binary Options scam
As I mentioned earlier in the week, we aren’t seeing massive amounts of malware, especially in the UK at the moment BUT we do see a steady lowish volume stream of commodity malware. These are the standard easy to purchase and use malware tools l… Continue reading multiple malware delivered from compromised website run on a domestic BT IP address