FamousSparrow: A suspicious hotel guest

1.0ESET Eesti Blogihttps://blog.eset.ee/et/en/FamousSparrow: A suspicious hotel guestrich600338<blockquote class="wp-embedded-content" data-secret="64NqSUeyfi"><a href="https://blog.eset.ee/et/en/2021/10/04/famoussparrow-a-suspicious-hotel-guest/">FamousSparrow: A suspicious hotel guest</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://blog.eset.ee/et/en/2021/10/04/famoussparrow-a-suspicious-hotel-guest/embed/#?secret=64NqSUeyfi" width="600" height="338" title="“FamousSparrow: A suspicious hotel guest” — ESET Eesti Blogi" data-secret="64NqSUeyfi" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script type="text/javascript"> /* <![CDATA[ */ /*! This file is auto-generated */ !function(d,l){"use strict";l.querySelector&&d.addEventListener&&"undefined"!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll('iframe[data-secret="'+t.secret+'"]'),o=l.querySelectorAll('blockquote[data-secret="'+t.secret+'"]'),c=new RegExp("^https?:$","i"),i=0;i<o.length;i++)o[i].style.display="none";for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute("style"),"height"===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):"link"===t.message&&(r=new URL(s.getAttribute("src")),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener("message",d.wp.receiveEmbedMessage,!1),l.addEventListener("DOMContentLoaded",function(){for(var e,t,s=l.querySelectorAll("iframe.wp-embedded-content"),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute("data-secret"))||(t=Math.random().toString(36).substring(2,12),e.src+="#?secret="+t,e.setAttribute("data-secret",t)),e.contentWindow.postMessage({message:"ready",secret:t},"*")},!1)))}(window,document); //# sourceURL=https://blog.eset.ee/wp-includes/js/wp-embed.min.js /* ]]> */ </script> https://blog.eset.ee/wp-content/uploads/2021/10/famoussparrow-apt-group-targeting-hotels.jpg19201080ESET researchers have uncovered a new cyberespionage group targeting hotels, governments, and private companies worldwide. We have named this group FamousSparrow and we believe it has been active since at least 2019. Reviewing telemetry data during our investigation, we realized that FamousSparrow leveraged the Microsoft Exchange vulnerabilities known as ProxyLogon that we described extensively in March