On 13th December 2022, Cisco Talos Intelligence published a threat advisory about Qakbot malware. Talos researchers identified that HTML smuggling was being actively used by Qakbot attackers.
- Use antivirus or EDR on all endpoints.
- Educate employees about phishing emails.
- Take regular backups of end devices to reduce the impact of attacks.
- Create detection rules in the SIEM (Security Information and Event Management) tool based on known indicators of threat actor activity.