ClearSky recently reported that at least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted in a watering hole attack. The attack, attributed to the Iranian threat actor Tortoiseshell, was designed to collect preliminary user information, which was then sent to a remote server and a domain named jquery-stack[.]online for command-and-control (C2). The malicious code also attempted to determine the user’s language preference, which could be used to customize the attack. This is not the first time the Israeli shipping sector has been targeted by Iranian activity clusters; in August 2022, a similar attack was attributed to UNC3890. Microsoft recently highlighted Iranian actors' new approach of combining “offensive cyber operations with multi-pronged influence operations to fuel geopolitical change in alignment with the regime’s objectives,” indicating that Israel remains a prominent target for Iranian state-sponsored crews.
Source: Hackernews
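As an added example (not taken from ClearSky's report or the original article), the following Python sketch hunts web proxy logs for requests to the reported domain and groups the affected clients by the referring site, which points to the page that carried the injected code. The log format, IP addresses, subdomain, paths and `.test` hostnames are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlparse

# Domain named in the report, kept defanged in source and refanged at runtime.
REPORTED_C2 = "jquery-stack[.]online".replace("[.]", ".")

# Constructed proxy log lines (assumed format: time client method url referer).
SAMPLE_LOG = f"""\
2023-01-01T08:01:11Z 10.0.4.17 GET https://www.example-shipping.test/ -
2023-01-01T08:01:12Z 10.0.4.17 POST https://cdn.{REPORTED_C2}/collect https://www.example-shipping.test/
2023-01-01T08:03:40Z 10.0.4.22 GET https://code.jquery.com/jquery.min.js https://intranet.example.test/
2023-01-01T08:05:02Z 10.0.9.3 POST https://{REPORTED_C2.upper()}/collect https://www.example-logistics.test/track
2023-01-01T08:06:30Z 10.0.9.3 GET https://not{REPORTED_C2}/a.js -
malformed line
"""


def is_reported_domain(host):
    """Match the domain itself or any subdomain, never a mere substring."""
    host = (host or "").lower().rstrip(".")
    return host == REPORTED_C2 or host.endswith("." + REPORTED_C2)


def hunt(log_text):
    """Map each referring site to the clients that contacted the domain."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not fit the assumed format
        _time, client, _method, url, referer = fields
        if not is_reported_domain(urlparse(url).hostname):
            continue
        # The referer names the site whose page triggered the request.
        site = urlparse(referer).hostname or "(no referer)"
        hits[site].add(client)
    return {site: sorted(clients) for site, clients in hits.items()}


if __name__ == "__main__":
    for site, clients in hunt(SAMPLE_LOG).items():
        print(f"{site}: {', '.join(clients)}")
```

Matching on the label boundary rather than a substring keeps unrelated hosts that merely end in the same characters out of the results.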
To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner such as INFRA (www.infrascan.net), or you can try it yourself using check.website.