Tag: 2024-06-25
2 attack reports | 141 vulnerabilities
Attack reports
StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe
Recent observations indicate a surge in JavaScript spreading StrelaStealer, a credential stealer specifically targeting Outlook and Thunderbird email credentials. While the infection chain resembles previous versions, additional checks have been implemented to avoid compromising systems in Russia. …
Downloadable IOCs 5
Phishing Incident Report: Facts and Timeline
On June 18, 2024, an employee's account at ANY.RUN was compromised and used to carry out a phishing attack against the company's entire contact list. The initial compromise occurred on May 27 through an AiTM phishing campaign targeting the employee. Over the following weeks, the attacker maintained…
Downloadable IOCs 9
StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe
Recent observations indicate a surge in JavaScript spreading StrelaStealer, a credential stealer specifically targeting Outlook and Thunderbird email credentials. While the infection chain resembles previous versions, additional checks have been implemented to avoid compromising systems in Russia. …
Downloadable IOCs 5
Phishing Incident Report: Facts and Timeline
On June 18, 2024, an employee's account at ANY.RUN was compromised and used to carry out a phishing attack against the company's entire contact list. The initial compromise occurred on May 27 through an AiTM phishing campaign targeting the employee. Over the following weeks, the attacker maintained…
Downloadable IOCs 9