BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)

• Previous message (by thread): BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
• Next message (by thread): BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/24/23 9:24 AM, Niels Bakker wrote:
> * nanog at ve4.ca (Glen A. Pearce) [Mon 24 Apr 2023, 17:42 CEST]:
>> Well, I eventually had a friend open the attachment on his Linux machine
>
> Not necessarily a safe idea:
> https://www.welivesecurity.com/2023/04/20/linux-malware-strengthens-links-lazarus-3cx-supply-chain-attack/
> (scroll down to "Operation DreamJob with a Linux payload", sadly no 
> anchors)
>
The key security concern here is "don't inspect/interpret bytes in an 
attachment with an application of the attacker's choosing". cat, or even 
emacs, seem pretty safe.

For me, that's easiest to do with Linux or MacOS (terminal). But sure, 
if "open on a Linux machine" still means "point and click", then you're 
absolutely correct.

Jim Shankland

• Previous message (by thread): BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
• Next message (by thread): BKA Wiesbaden - Abteilung Cybercrime (Not sure if this is a phishing E-mail or real...)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]