DiscoverResearch SaturdayPodcast bait, malware switch.
Podcast bait, malware switch.

Podcast bait, malware switch.

Update: 2024-10-05
Share

Description

Joshua Miller from Proofpoint is discussing their work on "Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset." Proofpoint identified Iranian threat actor TA453 targeting a prominent Jewish figure with a fake podcast interview invitation, using a benign email to build trust before sending a malicious link.

The attack attempted to deliver new malware called BlackSmith, containing a PowerShell trojan dubbed AnvilEcho, designed for intelligence gathering and exfiltration. This malware consolidates all of TA453's known capabilities into a single script rather than the previously used modular approach.

The research can be found here:

Learn more about your ad choices. Visit megaphone.fm/adchoices

Comments 
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Quishing for trouble.

Quishing for trouble.

2024-12-2117:16

Watching the watchers. IoT vulnerabilities exposed by AI.

Watching the watchers. IoT vulnerabilities exposed by AI.

2024-12-1417:34

The JPHP loader breaking away from the pack.

The JPHP loader breaking away from the pack.

2024-12-0722:09

Leaking your AWS API keys, on purpose?

Leaking your AWS API keys, on purpose?

2024-11-3022:31

Exposing AI's Achilles heel.

Exposing AI's Achilles heel.

2024-11-2322:33

Credential harvesters in the cloud.

Credential harvesters in the cloud.

2024-11-1614:38

A firewall wake up call.

A firewall wake up call.

2024-11-0923:01

Velvet Ant's silent invasion.

Velvet Ant's silent invasion.

2024-11-0219:15

LLM security 101.

LLM security 101.

2024-10-2618:35

New targets, new tools, same threat.

New targets, new tools, same threat.

2024-10-1927:17

Ransomware on repeat.

Ransomware on repeat.

2024-10-1228:35

Podcast bait, malware switch.

Podcast bait, malware switch.

2024-10-0522:44

Beyond the permissions wall.

Beyond the permissions wall.

2024-09-2817:47

Hook, line, and sinker.

Hook, line, and sinker.

2024-09-2119:46

Spamageddon: Xeon Sender’s cloudy SMS attack revealed!

Spamageddon: Xeon Sender’s cloudy SMS attack revealed!

2024-09-1418:57

The playbook for outpacing China.

The playbook for outpacing China.

2024-09-0727:26

Pop goes the developer.

Pop goes the developer.

2024-08-3119:03

MaaS infrastructure exposed.

MaaS infrastructure exposed.

2024-08-2425:39

Essential tools with critical security challenges.

Essential tools with critical security challenges.

2024-08-1724:17

Prompts gone rogue.

Prompts gone rogue.

2024-08-1022:42

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Podcast bait, malware switch.

Podcast bait, malware switch.

N2K Networks