
SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil

Direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9494.mp3


Katz Stealer in JPG
Xavier found some multistage malware that uses an Excel spreadsheet and an HTA file to load an image that includes an embedded copy of Katz Stealer.
https://isc.sans.edu/diary/More+Steganography/32044

JavaScript Attacks
JavaScript obfuscated with JSF*CK is being used on over 200,000 websites to direct victims to malware.
https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/

Expired Discord Invite Links Used for Malware Distribution
Expired Discord invite links are revived as vanity links to direct victims to malware sites.
https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/
