Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery

NVISO reports a new development in the Contagious Interview campaign. The threat actors have recently resorted to utilizing legitimate JSON storage services like JSON Keeper, JSONsilo, and npoint.io to host and deliver malware from trojanized code projects, with the lure being a use case or demo project as part of an interview process. Background Contagious … Continue reading Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery →

All that JavaScript for… spear phishing?

NVISO employs several hunting rules in multiple Threat Intelligence Platforms and other sources, such as VirusTotal. As you can imagine, there is no lack of APT (Advanced Persistent Threat) campaigns, cybercriminals and their associated malware families and campaigns, phishing, and so on. But now and then, something slightly different and perhaps novel passes by. In … Continue reading All that JavaScript for… spear phishing? →