The Water Makara spear-phishing campaign, recently identified by Trend Micro, targets victims using social engineering tactics and obfuscated JavaScript files. The attack entices victims to click malicious links or download harmful attachments, ultimately leading to credential theft and data compromise. Zimperium’s on-device phishing detection engine detected 100% of the malicious URLs in the campaign, identifying them in a zero-day capacity. This highlights the effectiveness of Zimperium’s AI-powered solution in delivering comprehensive, real-time protection against sophisticated phishing attacks.
A vulnerability in the open-source Roundcube webmail software has been exploited in phishing attacks. The flaw, tracked as CVE-2024-37383, allows attackers to steal user credentials by sending malicious emails that appear to be from legitimate sources. The vulnerability has been patched, but users of Roundcube webmail are advised to update their software immediately. Threat actors targeted Roundcube Webmail user accounts with the goal of stealing login credentials. The attack involved sending emails with malicious links that, when clicked, would redirect users to a fake website designed to look like the real Roundcube login page. Users who entered their credentials on the fake website had them stolen by the attackers, compromising their accounts and potentially exposing sensitive data.
A cross-site scripting (XSS) vulnerability, tracked as CVE-2024-37383, was exploited in a phishing campaign targeting a government organization in a CIS country. The attackers used an email with a concealed attached document and embedded tags to execute arbitrary JavaScript code. This allowed them to steal credentials and potentially gain control of the victim’s account. The vulnerability affects Roundcube Webmail versions prior to 1.5.7 and 1.6.x versions before 1.6.7. This incident highlights the importance of patching known vulnerabilities promptly and implementing robust security measures to prevent such attacks.
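
To act on the affected-version statement above, the following added example (not from the original page or from the Roundcube project) triages an inventory of Roundcube installs against the two fixed releases named in the text. The hostnames and the inventory are constructed, and treating a pre-release tag on a fixed version as still affected is a conservative assumption.

```python
import re

# Fixed releases stated on the page for CVE-2024-37383.
FIXED_1_5 = (1, 5, 7)
FIXED_1_6 = (1, 6, 7)

# Upstream-style versions only: 1.6.6, v1.5.7, 1.6-rc, 1.6-beta
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?(?:-([A-Za-z][\w.]*))?\s*$")

def parse_version(text):
    """Return ((major, minor, patch), tag_or_None); raise ValueError if unparseable."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised Roundcube version: {text!r}")
    major, minor, patch, tag = m.groups()
    return (int(major), int(minor), int(patch or 0)), tag

def is_affected(text):
    """True if the version is in the ranges the page lists as vulnerable:
    anything before 1.5.7, and 1.6.x before 1.6.7."""
    release, tag = parse_version(text)
    fixed = FIXED_1_6 if release[:2] == (1, 6) else FIXED_1_5
    if release == fixed and tag:
        # Assumption: a pre-release of the fixed version predates the fix.
        return True
    return release < fixed

def triage(inventory):
    """Map host -> 'affected' | 'not affected' | 'unknown' (needs manual review)."""
    result = {}
    for host, version in inventory.items():
        try:
            result[host] = "affected" if is_affected(version) else "not affected"
        except ValueError:
            # Distro package strings land here: fixes may be backported,
            # so the upstream number alone cannot decide.
            result[host] = "unknown"
    return result

# Constructed sample inventory (hypothetical hosts).
SAMPLE_INVENTORY = {
    "mail1.example.org": "1.6.6",
    "mail2.example.org": "1.6.7",
    "mail3.example.org": "1.5.6",
    "mail4.example.org": "1.4.15",
    "mail5.example.org": "1.6.5+dfsg-1",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as `unknown` need their package changelog checked by hand, since a version string alone does not show whether the fix was backported.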