Attacks such as this are a daily occurrence for many private and Government entities. Many websites are compromised, usually because the website’s Content Management System (CMS) or a plug-in have not been patched, and attackers often host phishing web pages or malware payloads on compromised websites. In this case, the attackers have used a simple technique of delivering an EXE file directly and hoping that visitors to the website won’t notice what type of file they’ve downloaded before opening it. With a plan in place to help raise awareness of the phishing techniques, users have a significantly better chance of spotting and stopping such an attack. That said, threat actors have become increasingly skilled in designing documents, zip files, script files and other delivery mechanisms to trick users into activating payloads. When the inevitable happens and a phishing or malware delivery attempt succeeds, a Security Operations Center (SOC) team with defensive measures in place can alert and take action. Binary Defense offers a SOC, Threat Hunting, and Counter-Intelligence teams to help form a defense-in-depth solution to protect businesses from security threats.

https://therecord.media/malware-infected-documents-found-on-kazakhstan-government-portals/