THE article discusses recent phishing campaigns targeting hospitality organizations in Europe and Asia, as observed by researchers from Microsoft and Trend Micro. Attackers use malicious zip files disguised as guest photos to install malware and gain persistent access to systems. The campaigns exploit social engineering tactics, impersonating guests with complaints to lure victims into downloading harmful content.
Microsoft highlighted methods like 'authentication laundering' to bypass email security, while Trend Micro pointed out the use of TONResolver, a remote access Trojan leveraging blockchain for command and control. Emphasis is placed on the need for enhanced security measures in the hospitality sector to counter these evolving threats.