Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Medium
Emotet is back and targeting users around the world with its tactics. Emotet is now targeting almost 66,000 unique emails for more than 30,000 domain names from 385 unique top-level domains (TLDs).
The malicious emails came from 3,362 different senders whose credentials had been stolen. The total number of unique sending domains reached 1,875, covering a little over 400 TLDs.
At the beginning there was no definitive answer on the payload, only unconfirmed reports that some U.S.-based hosts received Trickbot, a banking trojan turned malware dropper, as a secondary infection dropped by Emotet.
Based on current observations and spam emails shared by Cofense and JamesWT, Emotet's campaign today relies mostly on emails that have a financial theme and appear to be replies to a previous conversation. This was noticed with the following message in English:
Polish and Italian users received a similar message, urging them to take a look at a bill that caused some problems:
In a message likely to a German recipient, the sender claimed there were issues with some documentation and asked the recipient to take a look:
URLs
Malware Hash (MD5/SHA1/SHA256)