Thanks Corsin .@cocaman & Andre .@AndreGironda for great sharing on @abuse_ch Bazaar, ThreatFox & URLhaus! This is a rather interesting #AsyncRAT campaign. Spoofing @swisspost & @USPS as sender CC: @SwissPost_CERT & @OIGUSPS 🧵 1/ #MalwareChallenge

Be aware of current patterns of fraud: Swiss Post does not process payments via post[.]ch[.]paysget[.]info. Find out more ⬇️ post.ch/en/pages/footer/curr…

abuse.ch: Time to move forward. Your help is needed ⛑️ 👉 abuse.ch/blog/moving-forward…

New blog: This year the cybercrime group #RoamingMantis has been actively targeting the European users of both #iOS and #Android devices. This post provides an insight into the rate of success in their recent advancements. medium.com/csis-techblog/the… #Malware #Phishing @csis_cyber

I believe #RoamingMantis is a name of a campaign (which is named by Kaspersky GReAT). It is not a group. But recently I saw some reports which use #RoamingMantis as a name of a group. e.g. cybereason.com/blog/fakespy-… (by @cybereason) medium.com/csis-techblog/the… (by @CyberCSIS)

CSIS researcher (and past VB conference speaker) @s_metanka looked at how the RoamingMantis Android malware is now targeting European countries too and how the same group is engaging in Apple ID phishing medium.com/csis-techblog/the…

cybercrimepolice: "Angebliche Paketlieferung mit Code per SMS freischalten" cybercrimepolice.ch/de/fall/… #phishing #betrug

Betrüger geben sich als @postschweiz aus und versuchen Spionage App zu verteilen… bit.ly/2WKvuyL #sicherheit #malware #phishing #malware

Thanks for the heads-up! I will take this up with @SwissPost_CERT We've been seeing an uptick of #FakeSpy Android Malware recently.

Vorsicht vor gefälschten E-Mails im Namen der Eidgenössischen Steuerverwaltung ESTV: Beim Excel Anhang handelt es sich um Schadsoftware #guloader. Nicht öffnen!

New wave of Post phishing emails, with the old ‚pay for your parcel‘ lure Don‘t put in your CC details! hosted on free2[.]it/public/ch @SwissPost_CERT #scam

Vorsicht vor betrügerischen Anrufen 📞⚠️

Swiss post themed malspam campaign distributing #Parallax RAT in Switzerland 🇨🇭 XLS: bazaar.abuse.ch/sample/dcc33… EXE: bazaar.abuse.ch/sample/4723a… URL: urlhaus.abuse.ch/url/353122/ Parallax RAT C2: bhg.canadacentralregistrar\.ca (79.134.225.51) Hosted at AnMaXX: abuse.ch/blog/anmaxx-gerber-…

📢The 2020 Q1 TLP:WHITE executive summary of our Threat Landscape Report is out! 📝You'll find an overview of direct #cyber threats to 🇪🇺 institutions, bodies & agencies insights into TTPs & the specific sectorial, geographical threat landscape📈. ➡️media.cert.europa.eu/static/…