An unknown threat actor is using a novel combination of open source tools, steganography, and a detection bypass technique to attack government agencies, real estate companies, and construction firms in France. Researchers from Proofpoint tracking the phishing campaign have so far not been able to identify either a motive for it or the threat actor behind the attacks. The only thing the user sees in the end is a Microsoft pop-up that redirects them to a Microsoft help webpage, says Sherrod DeGrippo, vice president, threat research and detection at Proofpoint.”]