SECUINFRA Falcon Team · @SI_FalconTeam
37 followers · 18 posts · Server infosec.exchange
📧🙄 #Emotet News: Another one of our predictions for the ongoing campaign turns out to be correct: E4 and E5 are now spamming #OneNote lures. We published a #Yara rule on @abuse_ch #Yarahub to detect the .one -> .wsf delivery method.
Yarahub: https://yaraify.abuse.ch/yarahub/rule/MALWARE_Emotet_OneNote_Delivery_wsf_Mar23
#emotet #onenote #yara #yarahub #cybersecurity #infosec #blueteam
Last updated 2 years ago