|Check Point Reference:||CPAI-2023-0120|
|Date Published:||13 Mar 2023|
|Last Updated:||Monday 13 March, 2023|
|Protection Provided by:||
|Who is Vulnerable?|
|Vulnerability Description||A phishing campaign targeting New Jersey State employees in attempts to install the Matanbuchus loader. Emails reference an attached document for review, appear to be replies to previous conversation threads (a tactic known as thread hijacking), and include a ZIP archive attachment containing an HTML file.|
This protection detects attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.
This protection's log will contain the following information:
Attack Name: Phishing Enforcement Protection.
Attack Information: Matanbuchus Phishing Campaign