Inlay

//

by @danabra.mov

by @danabra.mov

by @jimpick.com

+ new component

PostEmbed

Key Takeaways Initial access was via a resume lure as part of a TA4557/FIN6 campaign. The threat actor abused LOLbins like ie4uinit.exe and msxsl.exe to run the more_eggs malware. Cobalt Strike and…

thedfirreport.com

The Curious Case of an Egg-Cellent Resume