In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- New survey report released: The state of industrial cybersecurity (Part 2)
April 6, 2021
This article is a second part of our three-part blog series, explaining the result of Trend Micro’s latest survey about industrial cybersecurity. The previous post showed the result of this survey- most IT and OT people recognize the biggest challenge is technology rather than people and process. We also found some gaps of awareness between ...
- Meet Janeleiro: a new banking Trojan striking company, government targets
April 6, 2021
A banking Trojan striking corporate targets across Brazil has been unmasked by researchers. On Tuesday, ESET published an advisory on the malware, which has been in development since 2018. Dubbed Janeleiro, the Trojan appears to be focused on Brazil as a hunting ground and has been used in cyberattacks against corporate players in sectors including healthcare, engineering, ...
- European Commission, other EU orgs recently hit by cyber-attack
April 6, 2021
The European Commission and several other European Union organizations were hit by a cyberattack in March, according to a European Commission spokesperson. As revealed by the spokesperson, the “IT security incident” impacted multiple EU institutions, bodies, or agencies’ IT infrastructure. “We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and ...
- Conti Gang Demands $40M Ransom from Florida School District
April 6, 2021
The Conti Gang has demanded a $40 million ransom from a Fort Lauderdale, Fla., school district after a ransomware attack last month. Attackers stole personal information from students and teachers, disrupted the district’s networks, and caused some services to be unavailable. The incident that was discovered on March 7 at Broward County Public Schools drew limited ...
- SAP Bugs Under Active Cyberattack, Causing Widespread Compromise
April 6, 2021
Active cyberattacks on known vulnerabilities in SAP systems could lead to full control of unsecured SAP applications, researchers are warning. Adversaries are carrying out a range of attacks, according to an alert from SAP and security firm Onapsis issued Tuesday – including theft of sensitive data, financial fraud, disruption of mission-critical business processes and other operational ...
- The leap of a Cycldek-related threat actor
April 5, 2021
In the nebula of Chinese-speaking threat actors, it is quite common to see tools and methodologies being shared. One such example of this is the infamous “DLL side-loading triad”: a legitimate executable, a malicious DLL to be sideloaded by it, and an encoded payload, generally dropped from a self-extracting archive. Initially considered to be the ...