Fake attachment. Roundcube mail server attacks exploit CVE-2024-37383 vulnerability.


In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.

However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decodes and executes JavaScript code.
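A triage check for the pattern described above, as an added example that is not code from Positive Technologies or from this page: it walks the inline text parts of a raw message, flags eval(atob(…)) statements, and decodes their Base64 argument for review without executing it. The function names, the x-placeholder element and the sample message are assumptions constructed for the illustration.

```python
import base64
import html
import re
from email import message_from_string, policy
from email.message import EmailMessage

# eval(atob('<Base64>')) with either quote style; group 1 is the Base64 literal.
EVAL_ATOB = re.compile(r"""eval\s*\(\s*atob\s*\(\s*['"]([A-Za-z0-9+/=\s]+)['"]""")
TAGS = re.compile(r"<[^>]*>")


def scan_message(raw: str) -> dict:
    """Decode (never execute) eval(atob()) arguments found in inline text parts."""
    msg = message_from_string(raw, policy=policy.default)
    payloads, visible = [], ""
    for part in msg.walk():
        if part.get_content_maintype() != "text" or part.is_attachment():
            continue
        # get_content() undoes quoted-printable/base64 transfer encoding first.
        body = html.unescape(part.get_content())
        for match in EVAL_ATOB.finditer(body):
            try:
                decoded = base64.b64decode(match.group(1)).decode("utf-8", "replace")
            except ValueError:
                decoded = "<undecodable Base64>"
            payloads.append(decoded)
        is_html = part.get_content_subtype() == "html"
        visible += TAGS.sub("", body) if is_html else body
    return {
        "suspicious": bool(payloads),
        "payloads": payloads,
        "no_visible_text": not visible.strip(),
    }


def build_sample() -> str:
    """Constructed sample: text-free HTML mail carrying a harmless encoded script."""
    b64 = base64.b64encode(b'console.log("constructed sample")').decode()
    # <x-placeholder> is a made-up element, not the tag used in the real email.
    markup = f"<x-placeholder data-demo=\"eval(atob('{b64}'))\"></x-placeholder>"
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content(markup, subtype="html")
    return msg.as_string()


if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A hit together with no_visible_text matches the shape of the email described here: a message with no readable body whose markup carries an encoded script.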

Source: Positive Technologies

