Security researchers have observed the Qbot/Qakbot botnet distributing malware payloads via a new delivery method. The technique involves sending a phishing email that includes a password-protected ZIP archive attachment containing malicious MSI Windows Installer packages. Qakbot, which WaterISAC has reported on numerous times, is a highly modular malware used for many malign activities such as credential harvesting and dropping ransomware. Qakbot was “extremely active” last month propagating via phishing emails. Members are reminded they can protect themselves against this threat by carefully screening suspicious emails. Read more at BleepingComputer.
Thank you to everyone who helped make H2OSecCon Spring 2024 happen! As noted during the event, WaterISAC intends to conduct another H2OSecCon this year, so stay tuned for updates!