On 2021-02-23 20:51, Ricky Boone wrote:
* Examples I'm seeing have nearly blank message, and an HTML attachment with a JavaScript window.location.href redirect related to the attacker URL. * Attacker is leveraging SendGrid
i have local clamav signature to catch html attachment inspiration from foxhole signatures, this is very simple to block
