The .z attachment of an email that simulates a legitimate sender contains an exe: the malware. The stolen data is exfiltrated via STMP to the same server as the RFQ campaign.
The r19 attachment of an email about a SWIFT transfer contains an exe: the loader, which should contact a link and download the final payload. At the moment, however, this is unknown.
The area where government buildings and foreign embassies are located will no longer be sealed off. The international community must review the security of its headquarters.
The lure is a fake email with the request to edit the folder “PAYMENTS”, by opening a link. It directs to a fake login page with the user legit website on the background.
Boom of Recruitments in Raqqa and Deir Ezzor, while the checkpoints in the South-East of Aleppo reach 30. Objectives: Counter pro-ISIS jihadists and carry out false flag attacks on Inherent Resolve.
Thanks to all of our loyal readers and to the people who protect us. From terrorism and wars, passing trough the cyber threats. We'll be back on January 9 2023.