Open redirect on Dept. of HHS website benefits COVID-19 phishing scam

A coronavirus-themed phishing campaign designed to infect victims with Raccoon information-stealing malware has reportedly been leveraging an open redirect vulnerability found on the U.S. Department of Health and Human Services’ website, HHS.gov.

As defined by Trustwave here, an open redirect occurs when a website’s “parameter values (the portion of URL

...continue reading...

Source: SC Magazine / Article: "Open redirect on Dept. of HHS website benefits COVID-19 phishing scam"

Secured By miniOrange