Iron Castle Systems

Skip to content

VMware
AWS
Powershell
Security
Projects
Misc.
Client Access
About

Search for:

Phishing Kit Collecting Victim's IP Address, (Sat, May 20th)

May 20, 2023 David Leave a comment

This post was originally published on this site

While reviewing my last findings today, I found a phishing email that delivered a classic .shtml file called "PROFORMA INVOICE.shtml". Right now, nothing special, emails like this one are widespread. When you open the file in a sandbox, it reveals a classic form:

Post navigation

Previous PostNew KB articles for VMware Horizon and Workspace ONE, in April 2023.Next PostAnother Malicious HTA File Analysis – Part 3, (Sun, May 21st)

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

VMware

ESXI Datastore partitioning error November 30, 2023
number of paths different across ESXI November 30, 2023
No access with firefox 120 for vsphere esxi 7.0.3 November 30, 2023
VMWare ESXi 7 On Top KVM. VM won't Start November 30, 2023
Can't snapshot most of my VM's - "required file was not found" November 29, 2023

SANS Security

Prophetic Post by Intern on CVE-2023-1389 Foreshadows Mirai Botnet Expansion Today, (Thu, Nov 30th) November 30, 2023
ISC Stormcast For Thursday, November 30th, 2023 https://isc.sans.edu/podcastdetail/8758, (Thu, Nov 30th) November 30, 2023
Decoding the Patterns: Analyzing DShield Honeypot Activity [Guest Diary], (Mon, Nov 27th) November 29, 2023
ISC Stormcast For Wednesday, November 29th, 2023 https://isc.sans.edu/podcastdetail/8756, (Wed, Nov 29th) November 29, 2023
Pro Russian Attackers Scanning for Sharepoint Servers to Exploit CVE-2023-29357, (Tue, Nov 28th) November 28, 2023

AWS

Easily deploy SaaS products with new Quick Launch in AWS Marketplace November 30, 2023
Package and deploy models faster with new tools and guided workflows in Amazon SageMaker November 29, 2023
Use natural language to explore and prepare data with a new capability of Amazon SageMaker Canvas November 29, 2023
Amazon SageMaker adds new inference capabilities to help reduce foundation model deployment costs and latency November 29, 2023
Leverage foundation models for business analysis at scale with Amazon SageMaker Canvas November 29, 2023

Microsoft

A statement from Microsoft Chairman and CEO Satya Nadella November 21, 2023
Microsoft Ignite 2023: AI transformation and the technology driving change November 15, 2023
Startups to access high-performance Azure infrastructure, accelerating AI breakthroughs November 7, 2023
Honoring veterans and recognizing their value and contributions at Microsoft and beyond November 6, 2023
New study validates the business value and opportunity of AI November 2, 2023

Iron Castle Systems

Tag Cloud

AWS
Microsoft
Powershell
SANS
Security
Virtualization
VMware

Recent Posts

Use AWS Fault Injection Service to demonstrate multi-region and multi-AZ application resilience November 30, 2023
Apple Patches Exploited WebKit Vulnerabilitiues in iOS/iPadOS/macOS, (Thu, Nov 30th) November 30, 2023
Zonal autoshift – Automatically shift your traffic away from Availability Zones when we detect potential issues November 30, 2023
IDE extension for AWS Application Composer enhances visual modern applications development with AI-generated IaC November 30, 2023
Amazon SageMaker Studio adds web-based interface, Code Editor, flexible workspaces, and streamlines user onboarding November 30, 2023

Archives

Iron Castle System info@ironcastle.net Proudly powered by WordPress Theme - twentyfourteen

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage {vendor_count} vendors Read more about these purposes

View preferences

{title} {title} {title}