The FortiMail IR team recently uncovered a new email campaign distributing a Remote Access Trojan (RAT) using multiple evasion techniques to target organizations in Spain, Italy, and Portugal. The campaign leverages the serviciodecorreo email service provider, which is configured as an authorized sender for various domains and successfully passes SPF validation.[1]
Affected platforms: Windows (primarily), Linux & macOS (if Java is installed)
Impacted parties: Users on systems with Java Runti
|
