Attackers deliver legal threats, IcedID malware via contact form

Sergiu Gatlan reports: … IcedID is a modular banking trojan first spotted in 2017 and updated to also deploy second-stage malware payloads, including Trickbot, Qakbot, and Ryuk ransomware. Recently detected by the Microsoft 365 Defender Threat Intelligence Team, this phishing campaign seems to have found a way to bypass contact forms’ CAPTCHA protection to flood enterprises with a barrage of phishing messages. Read more on BleepingComputer.DataBreaches.netRead More