this post was submitted on 28 Aug 2023

This is an automated archive.

The original was posted on /r/cybersecurity by /u/TheDFIRReport on 2023-08-28 15:18:09+00:00.


In this case, a threat actor delivered a password-protected ZIP file via HTML smuggling. Within the password-protected ZIP file, there was an ISO file that deployed IcedID, which led to the use of Cobalt Strike. Nokoyawa ransomware was deployed domain-wide within 12 hours of initial access.

Report:
