AANew.
Securonix: Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto miners and Infostealers Targeting Enterprise Environments https://www.securonix.com/blog/faux-elevate-threat-actors-crypto-miners-and-infostealers/
Sekoia: Silver Fox: The Only Tax Audit Where the Fine Print Installs Malware https://blog.sekoia.io/silver-fox-the-only-tax-audit-where-the-fine-print-installs-malware/ @sekoia_io
From yesterday:
Sophos: NICKEL ALLEY strategy: Fake it ‘til you make it https://www.sophos.com/en-us/blog/nickel-alley-strategy-fake-it-til-you-make-it @SophosXOps
Wiz: KICS GitHub Action Compromised: TeamPCP Strikes Again in Supply Chain Attack https://www.wiz.io/blog/teampcp-attack-kics-github-action @wiz #GitHub #infosec #threatresearch #malware #Trivy
Analyzing FAUX#ELEVATE: Threat Actors Target France with CV Lures to Deploy Crypto miners and Infostealers Targeting Enterprise Environments
Securonix Threat Research: FAUX#ELEVATE is a fast-moving phishing campaign using fake resumes and obfuscated VBScript to steal credentials, exfiltrate data, and deploy crypto miners in enterprise environments.