In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- Chinese APT suspected of supply chain attack on Mongolian government agencies
December 10, 2020
A Chinese state-sponsored hacking group, also known as an APT, is suspected of having breached a Mongolian software company and compromised a chat app used by hundreds of Mongolian government agencies. The attack is believed to have taken place earlier this year, in June, according to a report published today by Slovak security firm ESET. The hackers ...
- European Medicines Agency says it has been targeted by cyber attack
December 9, 2020
In a short statement published on its website, the agency said: “EMA has been the subject of a cyberattack. The agency has swiftly launched a full investigation, in close cooperation with law enforcement and other relevant entities. “EMA cannot provide additional details whilst the investigation is ongoing. Further information will be made available in due course,” ...
- FireEye reveals that it was hacked by a nation state APT group
December 9, 2020
Leading cybersecurity company FireEye disclosed today that it was hacked by a threat actor showing all the signs of a state-sponsored hacking group. The attackers were able to steal Red Team assessment tools FireEye uses to test customers’ security and designed to mimic tools used by many cyber threat actors. Read more… Source: Bleeping Computer
- Foxconn electronics giant hit by ransomware, $34 million ransom
December 9, 2020
Foxconn electronics giant suffered a ransomware attack at a Mexican facility over the Thanksgiving weekend, where attackers stole unencrypted files before encrypting devices. Foxconn is the largest electronics manufacturing company globally, with recorded revenue of $172 billion in 2019 and over 800,000 employees worldwide. Foxconn subsidiaries include Sharp Corporation, Innolux, FIH Mobile, and Belkin. BleepingComputer has been ...
- Norway: Russian APT28 state hackers likely behind Parliament attack
December 9, 2020
Russian-backed hacking group APT28 has likely brute-forced multiple Norwegian Parliament (Stortinget) email accounts on August 24, 2020, according to the Norwegian Police Security Service (PST, short for Politiets Sikkerhetstjeneste). Attackers gained access to a limited number of Stortinget email accounts of representatives and employees as disclosed by Stortinget director Marianne Andreassen. A statement published on the parliament’s ...
- Severe MDHexRay bug affects 100+ GE Healthcare imaging systems
December 9, 2020
A vulnerability in GE Healthcare’s proprietary management software used for medical imaging devices could put patients’ health privacy at risk, potentially their lives. The flaw received the name MDHexRay (CVE-2020-25179) and a severity score of 9.8 out of 10. It affects more than 100 CT, X-Ray, MRI device models in a dozen product lines from the ...