One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 8308573 |
| Date de publication | 2023-02-09 07:58:00 (vue: 2023-02-09 16:07:52) |
| Titre | HTML smuggling campaigns impersonate well-known brands to deliver malware |
| Texte | Trustwave SpiderLabs researchers have cited an increased prevalence of HTML smuggling activity whereby cybercriminal groups abuse the versatility of HTML in combination with social engineering to distribute malware. The firm has detailed four recent HTML smuggling campaigns attempting to lure users into saving and opening malicious payloads, impersonating well-known brands such as Adobe Acrobat, Google Drive, and the US Postal Service to increase the chances of users falling victim.HTML smuggling uses HTML5 attributes that can work offline by storing a binary in an immutable blob of data (or embedded payload) within JavaScript code, which is decoded into a file object when opened via a web browser. It is not a new attack method, but it has grown in popularity since Microsoft started blocking macros in documents from the internet by default, Trustwave SpiderLabs wrote. The four malware strains that have recently been detected using HTML smuggling in their infection chain are Cobalt Strike, Qakbot, IcedID, and Xworm RAT, the firm added.To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | abuse acrobat activity added adobe are article attack attempting attributes been binary blob blocking brands browser but campaigns can chain chances cited click cobalt code combination cybercriminal data decoded default deliver detailed detected distribute documents drive embedded engineering falling file firm four from full google groups grown has have here html html5 icedid immutable impersonate impersonating increase increased infection internet javascript known lure macros malicious malware method microsoft new not object offline opened opening payload payloads please popularity postal prevalence qakbot rat read recent recently researchers saving service since smuggling social spiderlabs started storing strains strike such trustwave users uses using versatility victim web well when whereby which within work wrote xworm |
| Tags | Malware |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.