A sophisticated JavaScript-based credential harvesting campaign has been discovered, utilizing fake voicemail notifications to capture Microsoft 365 credentials. The attackers employ HTML smuggling, obfuscation, and encryption techniques to evade detection. The phishing emails contain PDF attachments with QR codes and HTM files with embedded JavaScript. The malicious code uses base64 encoding, CryptoJS for encryption, and dynamic URL generation to redirect victims to a fake Microsoft 365 login page. The campaign involves multiple stages, including CAPTCHA and media player mimicry, to increase legitimacy. This evolving threat poses significant challenges for automated detection and analysis systems.

Pulse ID: 67c76948c1381d8741fff9f8
Pulse Link: https://otx.alienvault.com/pulse/67c76948c1381d8741fff9f8
Pulse Author: AlienVault
Created: 2025-03-04 20:57:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

LevelBlue Open Threat ExchangeLevelBlue - Open Threat ExchangeLearn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

#CAPTCHA #CredentialHarvesting #CyberSecurity

**OTX Bot** @techbot@social.raytec.co · Feb 17

Feb 17

OTX Bot @techbot@social.raytec.co

FinStealer

A sophisticated malware campaign exploits a leading Indian bank's brand through fraudulent mobile applications. Distributed via phishing links and social engineering, these fake apps mimic legitimate bank apps, tricking users into revealing sensitive information. The malware uses advanced evasion techniques, including encrypted communication with C2 servers, dynamic payload execution, and runtime behavior alterations. The attackers aim for financial gain through credential theft, unauthorized transactions, and data sale on darknet forums. The campaign employs Telegram bots, SQL injection attacks, and XOR encryption. The analysis highlights the threat's impact and provides recommendations for mitigation, including advanced monitoring, vulnerability patching, and user education.

Pulse ID: 67b3177984418020ac6ea6b2
Pulse Link: https://otx.alienvault.com/pulse/67b3177984418020ac6ea6b2
Pulse Author: AlienVault
Created: 2025-02-17 11:03:21

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Bank #CyberSecurity #Education

**Morgan_Want** @Morgan_Want@pixelfed.social · Feb 14

**Troll** @Troll@maly.io · Jan 30 *

Jan 30 *

Troll @Troll@maly.io

* #mimic "le tapis d'entrée de chez toi"

(*) je rappelle le but du jeu: il faut répondre a ce toot en photo en essayant de copier le cadrage et la photo.

Photo du tapis devant la porte d'entrée.

**DIY, not d-i-e** @DIYnotdie@pixelfed.art · Jan 20

Jan 20

DIY, not d-i-e @DIYnotdie@pixelfed.art

A trio of mimics that are some of my favorites. Christmas tree, birdhouse, and lil stump.
#mimic #ttrpg

Three snarling mimics - one is a green christmas tree with an angry eye and a snarling mouth, next to a one-eyed birdhouse with a big toothy grin, and a tiny tree stump with a wearily angry eye. The background is a white backdrop and there is a Coffee and Creatures watermark.

#ttrpg

**Troll** @Troll@maly.io · Jan 18

Jan 18

Troll @Troll@maly.io

Je tente un nouveau jeu sur le #Fediverse , je ne sais pas si le jeu sera marrant, ni si vous aurez envie d'y participer mais je vous explique :

Le but du jeu c'est d'essayer de mimer une photo postée par quelqu'un avec le hashtag #Mimic

Les gens qui veulent participer doivent répondre au message initial en publiant à leur tour une photo en essayant de copier la photo originale et en respectant la consigne, d'où le hashtag "Mimic" . Une sorte de "Jacques a dit", " Simon says" en gros

**Blahmage** @Blahmage@mastodon.art · Jan 16

Jan 16

Blahmage @Blahmage@mastodon.art

But what if your birthday present was a mimic?

Not a treasure, but a striped gift box minion, noming on birthday cake

#mimic #penandpaper #ttrpg

TJ @tj_q8@pixelfed.social · Jan 10

Jan 10

TJ @tj_q8@pixelfed.social

حُـبٌّ سـابِـقٌ (ex-love);

Interrupting my macro posts, to post one from my "side project". I had quite a (technical) struggle with this one. As the title suggests, it is a reflection on the several break-ups I had earlier in my life (and probably for the best of my interest when I look back). Some people noted or thought that the matchstick is "wearing a jacket"! Actually (if it is not clear yet), it is a band-aid for little wounds, which I had to even cut in half to use it on the broken matchstick (deliberately broken as a mimic to a broken heart). Strangely, the matchstick, after applying the band, doesn't look to be broken at all! I just hope the visuals are clear here, or I might have to do this for a 3rd time (this one here is a 2nd trial).

Initially, the idea was to light the whole setting in two different directions to yield out two shadows in two different directions. However, technically speaking, it was almost impossible. The direction of the shadows is a mimic of the outlook towards life, where the one with broken heart looks forward to that missing love, while those who broke up with them and departed put things behind their backs and already being with someone else. Anyway, to overcome the problem, I've tried to shoot several shots and combine them together but even that failed. In the end, I had to settle with a half lit set (just to show the main shadow) while merging the bright matchsticks from a distance from another image. I guess the band should have been smaller!
My first trials were to shoot with 50mm with an upper level a bit, but quickly changed to 100mm macro to emphasize the size of the closer matchstick better. Things didn't work as I wish, so I lowered the level further to the one here. The rest, of course, is a history of editing and contrast enhancements.

#stilllife #still-life #love #ex #exlove #match #matchstick #macro #macrophotography #mimic #life #relationships #relations #goodmorning

#goodmorning