In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- US Navy Warship’s Facebook Page Hacked to Stream ‘Age of Empires’ Gaming
October 7, 2021
The official Facebook page of a destroyer-class Navy warship, the USS Kidd, has gone rogue: Someone has taken over the page in order to…stream Age of Empires play. Age of Empires is a real-time online multiplayer strategy game in which the objective is to advance one’s civilization. Players “build, settle, trade and fight” their way from ...
- Google warns 14,000 Gmail users targeted by Russian hackers
October 7, 2021
Google has warned about 14,000 of its users about being targeted in a state-sponsored phishing campaign from APT28, a threat group that has been linked to Russia. The campaign was detected in late September and accounts for a larger than usual batch of Government-Backed Attack notifications that Google sends to targeted users every month. Shane Huntley, who ...
- Twitch source code, business data, gamer payouts leaked in massive hack
October 6, 2021
An unknown hacker has leaked the entirety of Twitch’s source code among a 128 GB trove of data released this week. The hack, first reported by Video Games Chronicle and confirmed by multiple sources, includes: The entirety of twitch.tv, with commit history going back to its early beginnings Mobile, desktop and console Twitch clients Creator payout reports from 2019 Proprietary ...
- New UEFI bootkit used to backdoor Windows devices since 2012
October 5, 2021
A newly discovered and previously undocumented UEFI (Unified Extensible Firmware Interface) bootkit has been used by attackers to backdoor Windows systems by hijacking the Windows Boot Manager since 2012. Bootkits are malicious code planted in the firmware (sometimes targeting UEFI) invisible to security software that runs within the operating system since the malware is designed to ...
- Apache Web Server Zero-Day Exposes Sensitive Data
October 5, 2021
Apache Software has quickly issued a fix for a zero-day security bug in the Apache HTTP Server, which was first reported to the project last week. The vulnerability is under active exploitation in the wild, it said, and could allow attackers to access sensitive information. According to a security advisory issued on Monday, the issue (CVE-2021-41773) ...
- Hong Kong firm becomes latest marketing company hit with REvil ransomware
October 5, 2021
Hong Kong marketing firm Fimmick has been hit with a ransomware attack, according to a British cybersecurity firm monitoring the situation. Fimmick has offices in Hong Kong and across China, serving several high-profile clients like McDonalds, Coca-Cola, Shell, Asus and others. Their website is currently down and there was no response to ZDNet requests for comment. Matt ...