A very late (due to work travel) csv formatted list of #malspam campaigns that crossed my path in March to include #malware type, subject, hash, c2, and email exfil addresses:

https://gist.github.com/silence-is-best/440abd3e683adf69f531371cf56cd338

#retrohunt

A csv formatted list of #malspam campaigns that crossed my path in February to include subjects, #malware type, hashes, c2's, and email exfil addresses:

https://gist.github.com/silence-is-best/49cbc51145478ed68d06e02e14ddc135

#retrohunt

New 2026 telemetry from Bitdefender indicates 41% of Valentine’s-themed email traffic contained scam elements.

Threat vectors observed:
• Brand impersonation campaigns
• AI-generated dating personas
• Advance-fee survey funnels
• Delivery notification phishing
• Pharma spam distribution
• Healthcare provider impersonation (e.g., Techniker Krankenkasse)
Geographic targeting concentrated in the U.S. (55%) and key European markets.

Question for defenders:
Are current email filtering models sufficiently adaptive to seasonal emotional triggers amplified by generative AI?
Engage below.

Follow @technadu for threat intelligence reporting.

#ThreatIntel #Phishing #EmailSecurity #AIThreats #SOC #BlueTeam #FraudDetection #BrandAbuse #SecurityResearch #CyberDefense #Malspam #DigitalRisk

A csv formatted list of #malspam campaigns that crossed my path in January to include #malware, c2, hash, subject, and some email exfil addresses:

https://gist.github.com/silence-is-best/8b91cfa90b598f71dbd7169f0391c98c

#retrohunt

If you've been experiencing these new #malspam with @Action1corp #action1 RMM, there's a tasty lil file called C:\Windows\Action1\what_is_this.txt that's everything you need to know:
https://app.any.run/tasks/a38ca435-f03f-4e77-aac0-f7446b6fe4df

A short (and late due to vacation) csv formatted list of #malspam campaigns that crossed my path in December to include #malware type, subject, hash, c2, and email exfil addresses:

https://gist.github.com/silence-is-best/720a513ff366780662870bc0dd080ce3

#retrohunt

Happy Cyber(crime) Monday. Someone is sending out these bogus "e-signature" notifications as #malspam.

They lead to a page on Google Drive that has an interstitial link. When you click it, the page pushes an installer for N-Able Advanced Monitoring Agent, a commercial IT remote management tool. https://www.virustotal.com/gui/file/5ddcff44de366e6693c24e189121011ba664d6e71686e9463bb1574572564909/detection

This is just the latest evolution of the attack I documented on the @Netcraft blog before the holiday break: https://www.netcraft.com/blog/shared-document-spam-delivers-remote-access-tool #spam #malware #RAT

A csv formatted list of #malspam campaigns that crossed my path in November to include #malware type, c2, hash, subject, and some email exfil addresses:

https://gist.github.com/silence-is-best/b0eed8c8a6d6f6381a30d17047603726

#retrohunt

Dissecting a new malspam chain delivering Purelogs infostealer

The AISI Research Center's Cybersecurity Observatory publishes the report "Dissecting a new malspam chain delivering Purelogs infostealer"

Security Affairs