5 matches found
Malicious Package
Overview onedrive-verification is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this this...
Malicious Package
Overview hgfiuythdjfhgff is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this this package'...
Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments
CISA has received multiple reports of a large-scale spearphishing campaign targeting organizations in several sectors, including government and information technology IT. The foreign threat actor, often posing as a trusted entity, is sending spearphishing emails containing malicious remote deskto...
U.S. Dept Of Defense: Dashboard sharing enables code injection into ████ emails
Summary: An attacker is able to share their dashboard with other █████████ users. When sharing their dashboard, the message is not fully sanitized for HTML characters before sending to the recipient. This allows the attacker to craft a believable spearphishing e-mail coming from an e-mail address...
News Wrap: GandCrab Operators Resurface, Utilities Firms Hit By LookBack Malware
On this week’s news wrap podcast, Threatpost editors Tara Seals and Lindsey O’Donnell break down the top news, including: Despite claiming they were retiring, GandCrab’s authors have been linked to the REvil/Sodinokibi ransomware via a technical analysis. A spearphishing campaign, first spotted i...