In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- CISA Has Added One Known Exploited Vulnerability to Catalog
November 14, 2022
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This type of vulnerability is a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: To view the newly added vulnerabilities in the catalog, click on the arrow in the “Date ...
- Whoosh confirms data breach after hackers sell 7.2M user records
November 14, 2022
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. Whoosh is Russia’s leading urban mobility service platform, operating in 40 cities with over 75,000 scooters. On Friday, a threat actor began selling the stolen data on a hacking ...
- World Cup apps pose a data security and privacy nightmare
November 11, 2022
With mandated spyware downloads to tens of thousands of surveillance cameras equipped with facial-recognition technology, the World Cup in Qatar next month is looking more like a data security and privacy nightmare than a celebration of the beautiful game. Football fans and others visiting Qatar must download two apps: Ehteraz, a Covid-19 tracker, and Hayya, which ...
- NSA to developers: Think about switching from C and C++ to a memory safe programming language
November 11, 2022
The National Security Agency (NSA) is urging developers to shift to memory safe languages – such as C#, Go, Java, Ruby, Rust, and Swift – to protect their code from remote code execution or other hacker attacks. Of the languages mentioned above, Java is the most widely used across enterprise and Android app development, while Swift ...
- Phishing drops IceXLoader malware on thousands of home, corporate devices
November 10, 2022
A ongoing phishing campaign has infected thousands of home and corporate users with a new version of the ‘IceXLoader’ malware. The authors of IceXLoader, a malware loader first spotted in the wild this summer, have released version 3.3.3, enhancing the tool’s functionality and introducing a multi-stage delivery chain. The discovery of the Nim-based malware came in June ...
- iPhone iOS 16.1.1 fixes two security vulnerabilities – time to update
November 10, 2022
Apple has released an update that protects users against two security vulnerabilities that could affect iPhones and iPads. The iOS 16.1.1 and iPadOS 16.1.1 software update comes two weeks after the release of iOS 16.1 for all iPhone and iPad users. The security update protects users against two vulnerabilities CVE-2022-40303 and CVE-2022-40304. Both vulnerabilities have been found ...