Attackers often use latest news relevant to an organization in order to craft the decoy content used in Targeted Attacks. One such instance was observed recently during my research. I observed an email message delivered to milcoop@mod.mil.by with a malicious Macro based Document attached to the email. This email address corresponds to Ministry of Defense (International Military of Defense Cooperation Directorate) of Belarus.
This Macro based Document would display a decoy to the user with the details of the Russian Military operations which are scheduled to be carried out in Belarus in September 2017.
More details of the attack are here: Neutralize Cyber Threats: Possible Targeted Attack on Belarus Ministry of Defense
This Macro based Document would display a decoy to the user with the details of the Russian Military operations which are scheduled to be carried out in Belarus in September 2017.
More details of the attack are here: Neutralize Cyber Threats: Possible Targeted Attack on Belarus Ministry of Defense
