In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- Personal data of at least 26,212 people accessed in ransomware attack, Dallas tells state
August 9, 2023
Computer hackers accessed the personal information of at least 26,212 Texans in the recent ransomware attack on the city of Dallas, according to an official disclosure made public Monday on the Texas attorney general’s web site, three months after the breach. The city’s notice to the attorney general’s office says the data breach included names, addresses, ...
- Paracetamol maker Granules India’ Q1 profit hurt by cyber attack disruptions
August 9, 2023
Granules India Ltd the maker of paracetamol and ibuprofen pain relievers, reported a 62.5% fall in first-quarter profit on Wednesday, as a cyber security incident significantly disrupted operations. The generic drug maker’s consolidated net profit tumbled to 478.9 million rupees ($5.8 million) in the April-June quarter, from 1.27 billion rupees a year earlier. Granules faced a ...
- Northern Ireland: Major data breach identifies thousands of police officers and civilian staff
August 8, 2023
The Police Service of Northern Ireland (PSNI) has apologised for mistakenly revealing details of all its 10,000 staff. NI’s Police Federation said the breach could cause “incalculable damage”. In response to a Freedom of Information (FoI) request, the PSNI had shared names of all police and civilian personnel, where they were based and their roles. The ...
- UK Elections watchdog targeted by cyber attack which left voters’ details exposed
August 8, 2023
Details of tens of millions of voters could have been accessed by hackers who targeted the elections watchdog. The Electoral Commission revealed on Tuesday it was targeted by a cyber attack which allowed “hostile actors” to access electoral registers. The hack allowed the attackers to access reference copies of electoral registers which contained the name and addresses ...
- Clustering attacker behavior reveals hidden patterns
August 8, 2023
A collection of very specific behaviors, observed by Sophos X-Ops incident response analysts in the lead-up to four separate ransomware attacks in the first quarter of 2023, indicates an unexpected connection between the attacks. In the parlance of the Managed Detection and Response (MDR) team, the peculiarly similar details constitute a threat activity cluster that ...
- New cyberattack method: tracking typing remotely via keyboard sounds
August 7, 2023
A group of British cybersecurity researchers has figured out a novel new attack method: recording the sound a computer keyboard makes. The researcher took recordings using a nearby smartphone of typists and used it to train a sound classification model, achieving accuracies of 95% to suss out the actual keys pressed. They call this an acoustic side ...