Cert Posts25

In recent days, a fake version of Salesforce has been exploited to carry out a particularly sophisticated vishing attack. Cybercriminals, posing as internal operators or company technicians, contacted victims by phone with the aim of…

In recent years, the use of tools known as sandboxes has grown significantly. These platforms offer a secure, isolated environment in which suspicious files, emails and potentially harmful links can be examined without risking compromise…

The Chinese-linked APT group UNC5174 has been observed deploying an advanced malware toolkit targeting Linux systems, combining a custom downloader known as SNOWLIGHT with a stealthy and powerful remote access trojan called VShell.   What…

In recent times, the “E-crime as a service” phenomenon has radically changed the cybercrime landscape, opening the door to “low-skill” criminals. Thanks to an increasingly accessible ecosystem and the availability of turnkey criminal tools, today…

The dark web hosts a complex ecosystem where licit and illicit activities intertwine, offering anonymity but also exposing to significant risks. The main communication between criminal hackers takes place in specialised forums that serve as…

We often hear about BEC, an acronym that stands for Business Email Compromise, a threat we all face every day in our mailbox. But in fact, what are we talking about? How to avoid falling…

In recent days, DeepSeek, a new artificial intelligence model of Chinese origin, has rapidly gained popularity and sparked discussions both economically and in terms of cybersecurity. On one hand, many observers note how DeepSeek has…

On 19 December 2024 at 00:03 UTC, ransomware group LockBit announced the release of LockBit 4.0 on its leak site (DLS). Known for its aggressive tactics and frequent updates, LockBit introduces an even more advanced…