AgentTesla – WindowsTechs.com

[SANS ISC] More Exotic Excel Files Dropping AgentTesla

Posted on August 23, 2023 by Xavier

Today, I published the following diary on isc.sans.edu: “More Exotic Excel Files Dropping AgentTesla”: Excel is an excellent target for attackers. The Microsoft Office suite is installed on millions of computers, and people trust these files. If we have the classic xls, xls, xlsm file extensions, Excel supports many others!

The post [SANS ISC] More Exotic Excel Files Dropping AgentTesla appeared first on /dev/random.

Continue reading [SANS ISC] More Exotic Excel Files Dropping AgentTesla→

[SANS ISC] Agent Tesla Dropped Through Automatic Click in Microsoft Help File

Posted on February 12, 2021 by Xavier

I published the following diary on isc.sans.edu: “Agent Tesla Dropped Through Automatic Click in Microsoft Help File‘”: Attackers have plenty of resources to infect our systems. If some files may look suspicious because the extension is less common (like .xsl files), others look really safe and make the victim confident

The post [SANS ISC] Agent Tesla Dropped Through Automatic Click in Microsoft Help File appeared first on /dev/random.

Continue reading [SANS ISC] Agent Tesla Dropped Through Automatic Click in Microsoft Help File→

Malware Families Turn to Legit Pastebin-Like Service

Posted on October 5, 2020 by Lindsey O'Donnell

AgentTesla, LimeRAT, W3Cryptolocker and Redline Stealer are now using Paste.nrecom in spear-phishing attacks. Continue reading Malware Families Turn to Legit Pastebin-Like Service→

[SANS ISC] AgentTesla Delivered via a Malicious PowerPoint Add-In

Posted on May 23, 2020 by Xavier

I published the following diary on isc.sans.edu: “AgentTesla Delivered via a Malicious PowerPoint Add-In“: Attackers are always trying to find new ways to deliver malicious code to their victims. Microsoft Word and Excel are documents that can be easily weaponized by adding malicious VBA macros. Today, they are one of

[The post [SANS ISC] AgentTesla Delivered via a Malicious PowerPoint Add-In has been first published on /dev/random]

Continue reading [SANS ISC] AgentTesla Delivered via a Malicious PowerPoint Add-In→

Oil and Gas Sectors Targeted by AgentTesla Infostealer Campaigns

Posted on April 21, 2020 by David Bisson

Digital attackers used spearphishing campaigns to target oil and gas companies with samples of the AgentTesla infostealer family. In the first campaign spotted by Bitdefender, malicious actors sent out emails that appeared to originate from Egyptian st… Continue reading Oil and Gas Sectors Targeted by AgentTesla Infostealer Campaigns→

Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines

Posted on April 14, 2020 by Lindsey O'Donnell

Cybercriminals aren’t sparing medical professionals, hospitals and healthcare orgs on the frontlines of the coronavirus pandemic when it comes to cyberattacks, ransomware attacks and malware. Continue reading Cyberattacks Target Healthcare Orgs on Coronavirus Frontlines→

Another Agenttesla campaign using a compromised Iraq Government site

Posted on October 8, 2019 by Myonlinesecurity

WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days. Today is no exception with quite a few so far. I don’t always post them here, unless there is something slightly different or unusual about eithe… Continue reading Another Agenttesla campaign using a compromised Iraq Government site→

A Friday the 13th failure for Agenttesla campaign

Posted on September 13, 2019 by Myonlinesecurity

It looks like Friday the 13th is unlucky for this malware bad actor, trying to deliver yet another AgentTesla keylogger / info-stealer because as far as I can tell this malware chain is broken so the victim should not get the payload. WE still see lo… Continue reading A Friday the 13th failure for Agenttesla campaign→

More AgentTesla keylogger campaigns

Posted on September 12, 2019 by Myonlinesecurity

AgentTesla keylogger campaigns continue

Posted on September 11, 2019 by Myonlinesecurity

WE still see loads of AgentTesla keylogger/ Info-stealer malware campaigns hitting the UK most days. I don’t often post them here, unless there is something slightly different or unusual about either the delivery method or the malware itself chan… Continue reading AgentTesla keylogger campaigns continue→