Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Effective cyber attack via images in the corporate environment

An ingenious cyber attack that uses images to infiltrate companies

Spear-phishing emails with apparent images about the Armenia-Azerbaijan conflict hide malware that steals sensitive data. Management teams associated with Azerbaijani company targeted. The malware, written in Rust, creates temporary files to steal information during non-business hours.
This pill is also available in Italian language

Images purportedly depicting the conflict between Armenia and Azerbaijan were actually malware programs intended to steal sensitive data.

Spear-phishing email hidden behind an Azerbaijani company document spreads malware via image files to infiltrate companies associated with the company

According to Fortinet research, these emails mentioned the conflict between Azerbaijan and Armenia and contained a zip file. The photos within that file contained both genuine and malicious content.

The targets of the attacks were the management teams of companies associated with the Azerbaijani company

Fortinet senior security engineer Fred Gutierrez said other companies affected by the campaign included the company's subsidiaries and its business partners. He declined to reveal the name of the counterfeit company.

The malware, written in the popular Rust language, steals company information

The malware creates a temporary file called "24rp.xml" that sets up a scheduled task to steal information outside of regular working hours. This technique is based on the assumption that targets leave their computers turned on overnight so that the malware can perform its functions at times when it is less likely to be noticed.

Follow us on Instagram for more pills like this

09/29/2023 16:45

Marco Verro

Last pills

Hidden vulnerability in Asus motherboards revealed by a New Zealand programmerCritical vulnerability discovered in DriverHub local server that allows malicious code to be executed with admin privileges, risks expanded on Asus desktops, laptops and motherboards

AnyProxy proxy network taken down: new era for global SOCKS botnet securityLearn how international collaboration and artificial intelligence are revolutionizing the fight against SOCKS botnets and ensuring more effective security for corporate networks

Cybersecurity of electricity grids: how cyber attacks are putting energy at risk in EuropeHow cyberattacks threaten energy security in Europe: techniques, consequences and innovative strategies to defend electricity grids

Google Drive blocked: the challenges of Piracy Shield and the implications of accidental lockdownHow a simple technical error blocked Google Drive in Italy, highlighting the critical issues in a fight against piracy involving tech giants and national institutions