32 min listen
Bad building blocks: a new and unusual phishing campaign. [Research Saturday]
FromCyberWire Daily
ratings:
Length:
19 minutes
Released:
Jun 5, 2021
Format:
Podcast episode
Description
Guest Karl Sigler of Trustwave's SpiderLabs joins Dave Bittner to talk about their research: "Hidden Phishing at Free JavaScript Site". The research describes an interesting phishing campaign SpiderLabs encountered recently. In this campaign, the email subject pertains to a price revision, followed by some numbers. There is no email body, but there is an attachment about an ”investment.” The attachment’s convoluted filename contains characters the file-naming convention doesn’t allow, notably the vertical stroke, “|.” Even though "xlsx" is in the filename, double-clicking the attachment will prompt the user to open it with the default web browser. Thus, the file indeed appears to be an HTML document. Of course, it’s malicious.
The research can be found here:
HTML Lego: Hidden Phishing at Free JavaScript Site
The research can be found here:
HTML Lego: Hidden Phishing at Free JavaScript Site
Released:
Jun 5, 2021
Format:
Podcast episode
More Episodes from CyberWire Daily
Opening up on hidden secrets. by CyberWire Daily