Iron Castle Systems

Skip to content

VMware
AWS
Powershell
Security
Projects
Misc.
Client Access
About

Search for:

Phishing Kit Collecting Victim's IP Address, (Sat, May 20th)

May 20, 2023 David Leave a comment

This post was originally published on this site

While reviewing my last findings today, I found a phishing email that delivered a classic .shtml file called "PROFORMA INVOICE.shtml". Right now, nothing special, emails like this one are widespread. When you open the file in a sandbox, it reveals a classic form:

Post navigation

Previous PostAmazon SageMaker Geospatial Capabilities Now Generally Available with Security Updates and More Use Case Samples Next PostAnother Malicious HTA File Analysis – Part 3, (Sun, May 21st)

Leave a Reply Cancel reply

You must be logged in to post a comment.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

VMware

Connecting an Qlogic QME8262-k to an ESXI 6.7 May 28, 2023
PCI device not map correctly for using as passthrough on Z490 chipset May 27, 2023
Esxi host issues May 27, 2023
installation esxi stops initializing initvmkernel: (54/186)SMP_BootAPs May 27, 2023
Esxi hosts/ usc chassis May 26, 2023

SANS Security

DocuSign-themed email leads to script-based infection, (Sat, May 27th) May 27, 2023
Using DFIR Techniques To Recover From Infrastructure Outages, (Fri, May 26th) May 26, 2023
ISC Stormcast For Friday, May 26th, 2023 https://isc.sans.edu/podcastdetail/8514, (Fri, May 26th) May 26, 2023
ISC Stormcast For Thursday, May 25th, 2023 https://isc.sans.edu/podcastdetail/8512, (Thu, May 25th) May 25, 2023
IR Case/Alert Management, (Wed, May 24th) May 24, 2023

AWS

AWS Week in Review – AWS Documentation Updates, Amazon EventBridge is Faster, and More – May 22, 2023 May 22, 2023
Amazon SageMaker Geospatial Capabilities Now Generally Available with Security Updates and More Use Case Samples May 19, 2023
New – Simplify the Investigation of AWS Security Findings with Amazon Detective May 18, 2023
Retiring the AWS Documentation on GitHub May 17, 2023
AWS Week in Review – New Open-Source Updates for Snapchange, Cedar, and Jupyter Community Contributions – May 15, 2023 May 15, 2023

Microsoft

Microsoft Build brings AI tools to the forefront for developers May 23, 2023
Meeting governments where they are: Delivering innovation while maintaining digital sovereignty May 16, 2023
Introducing the Microsoft 365 Copilot Early Access Program and 2023 Microsoft Work Trend Index May 9, 2023
Cloud-based chip design for national security achieves key milestone May 9, 2023
Announcing the next wave of AI innovation with Microsoft Bing and Edge May 4, 2023

Iron Castle Systems

Tag Cloud

AWS
Microsoft
Powershell
SANS
Security
Virtualization
VMware

Recent Posts

We Can no Longer Ignore the Cost of Cybersecurity, (Sun, May 28th) May 28, 2023
VMware Skyline Advisor Pro Proactive Findings – May 2023 Edition May 26, 2023
Using DFIR Techniques To Recover From Infrastructure Outages, (Fri, May 26th) May 26, 2023
IR Case/Alert Management, (Wed, May 24th) May 24, 2023
More Data Enrichment for Cowrie Logs, (Wed, May 24th) May 24, 2023

Archives

Iron Castle System info@ironcastle.net Proudly powered by WordPress Theme - twentyfourteen

Manage Cookie Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options Manage services Manage vendors Read more about these purposes

View preferences

{title} {title} {title}