In September 2024, threat intelligence experts from the Positive Technologies Security Expert Center (PT ESC) discovered an email sent to a governmental organization belonging to a CIS country. Timestamps indicate that the email was sent back in June 2024. The email appeared to be a message without text, containing only an attached document.
However, the email client didn’t show the attachment. The body of the email contained distinctive tags with the statement eval(atob(…)), which decode and execute JavaScript code:
Read more…
Source: Positive Technologies
Related:
- Hacker leaks passwords for 900+ enterprise VPN servers
August 5, 2020
A hacker has published today a list of plaintext usernames and passwords, along with IP addresses for more than 900 Pulse Secure VPN enterprise servers. ZDNet, which obtained a copy of this list with the help of threat intelligence firm KELA, verified its authenticity with multiple sources in the cyber-security community. According to a review, the list ...
- Lost in Translation: When Industrial Protocol Translation goes Wrong
August 5, 2020
Translation makes it possible to exchange information across the globe, regardless of language differences. Translation plays a similar role in industrial internet of things (IIoT) environments where different devices, such as interfaces, sensors, and machines, use different protocols. Protocol gateways handle the translation of these different protocols in an industrial facility, allowing devices to communicate ...
- Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)
August 4, 2020
An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Speaking in a webinar last week, Vincente Diaz, a malware analyst for antivirus maker Kaspersky, said the change happened in May this year when Oilrig added a new tool to its hacking ...
- Unveiling the Hidden Risks of Industrial Automation Programming
August 4, 2020
Robots and other programmable industrial machines are the backbone of the manufacturing industry. Without them, the large-scale and fast-paced production that our modern economy depends on would simply be impossible. Critical sectors — from automotive and avionics to pharmaceuticals and food production — are reliant on these machines for the precise and efficient actions that ...
- INTERPOL report shows alarming rate of cyberattacks during COVID-19
August 4, 2020
An INTERPOL assessment of the impact of COVID-19 on cybercrime has shown a significant target shift from individuals and small businesses to major corporations, governments and critical infrastructure. With organizations and businesses rapidly deploying remote systems and networks to support staff working from home, criminals are also taking advantage of increased security vulnerabilities to steal data, ...
- Vulnerable perimeter devices: a huge attack surface
August 4, 2020
With the increase of critical gateway devices deployed to support off-premise work, companies across the world have to adapt to a new threat landscape where perimeter and remote access devices are now in the first line. Companies lack visibility into the growing network of internet-connected services and devices that support the new work paradigm; and the ...