Network perimeter cyber security tools associated with US-based medical providers identified email phishing attempts from domestic and international IP addresses. The emails contained subjects related to the COVID-19 pandemic and included malicious files as attachments. These attachments were in the form of Microsoft Word Document files, 7-zip compressed files, Microsoft Visual Basic Script, Java, and Microsoft Executables. The capabilities of these malicious attachments are unknown, but they would have likely created an initial intrusion vector to enable follow-on system exploitation, persistence, and exfiltration.




Leave a comment

Your email address will not be published. Required fields are marked *

Supportscreen tag