Get a Pentest and security assessment of your IT network.

Cyber Security

HHS.gov Open Redirect Used by Coronavirus Phishing to Spread Malware

An HHS.gov open redirect is currently being used by attackers to push malware payloads onto unsuspecting victims’ systems with the help of coronavirus-themed phishing emails. The open redirect (https://dcis.hhs.gov/cas/login?service=MALICIOUSURL&gateway=true) is present on the subdomain of HHS’s Departmental Contracts Information System. The attackers use it to link to a malicious attachment containing a malicious. document which will unpack an obfuscated VBS script that will download and execute a Raccoon information stealer malware payload from http://185.62.188[.]204/hunt/post/corona.

Source: https://www.bleepingcomputer.com/news/security/hhsgov-open-redirect-used-by-coronavirus-phishing-to-spread-malware/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation