fbpx

private aircraft charter companies nigeria

private airlines in nigeria

aircraft charter services in nigeria

Cost of hiring a private jet in nigeria

Hire a private jet cost

Private aircraft charter nigeria

How much to park a private jet in nigeria

Private jet charter price in Nigeria

Private jet charter companies in nigeria

private jet price

private jet for sale in nigeria
private jet charter abuja
how much is private jet charter from lagos to abuja
hire a private jet cost
cost of private jet charter
Private jet terminal abuja
How much to buy a private jet in naira
Aviation Blog

Microsoft: Aviation and Travel Firms Targeted with RAT Campaign – Infosecurity Magazine

Microsoft is warning the aerospace and travel sectors of a new targeted attack campaign aimed at stealing sensitive information from affected companies.
The tech giant said it had been tracking the “dynamic campaign” for several months via a series of spear-phishing emails designed to deliver an “actively developed loader.”
The screenshot posted to Microsoft Security Intelligence Twitter feed was of a phishing email spoofing a legitimate organization and requesting a quote for a cargo charter.
“An image posing as a PDF file contains an embedded link (typically abusing legitimate web services) that downloads a malicious VBScript, which drops the RAT payloads,” it explained.
These payloads are either RevengeRAT or AsyncRAT.
“The RATs connect to a C2 server on hosted on a dynamic hosting site to register with the attackers, and then uses a UTF-8-encoded PowerShell and fileless techniques to download three additional stages from pastebin[.]com or similar sites,” Microsoft said.
"The Trojans continuously re-run components until they are able to inject into processes like RegAsm, InstallUtil, or RevSvcs. They steal credentials, screenshots and webcam data, browser and clipboard data, system and network into, and exfiltrates data often via SMTP Port 587.”
The loader which drops the RATs was identified by Morphisec last week as a “highly sophisticated” crypter-as-a-service dubbed “Snip3.”
It features several methods of bypassing detection by security tools, including: the use of Pastebin and top4top for staging; recognition of Windows Sandbox and VMWare virtualization; executing PowerShell code with the “remotesigned” parameter; and compiling RunPE loaders on the endpoint in runtime.
Microsoft claimed its 365 Defender product detects multiple components of the attack, but urged organizations in the targeted sectors to check whether they’ve been affected. It published a list of hunting queries so organizations can check for similar activities, emails, implants and other indicators of attack.

source

Did you like this? Share it!

© West Link Airlines Limited.| All Rights Reserved. | Site Developed by Globe Boss