Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks
By: Ravie Lakshmanan
Microsoft on Wednesday disclosed details of a targeted phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt...
Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide
By: Ravie Lakshmanan
Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information...
Experts Link Sidewalk Malware Attacks to Grayfly Chinese Hacker Group
By: Ravie Lakshmanan
A previously undocumented backdoor that was recently found targeting an unnamed computer retail company based in the U.S. has been linked to a longstanding Chinese espionage operation...
New 0-Day Attack Targeting Windows Users With Microsoft Office Documents
By: Ravie Lakshmanan
Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.
Tracked as...
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor
By: Ravie Lakshmanan
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a...
Microsoft Warns of Widespread Phishing Attacks Using Open Redirects
By: Ravie Lakshmanan
Microsoft is warning of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites...
New SideWalk Backdoor Targets U.S.-based Computer Retail Business
By: Ravie Lakshmanan
A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a...
ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups
By: Ravie Lakshmanan
ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by five different Chinese threat clusters...
Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps
By: Ravie Lakshmanan
Web infrastructure and website security company Cloudflare on Thursday disclosed that it mitigated the largest ever volumetric distributed denial of service (DDoS) attack recorded to date.
The attack,...
Attackers Can Weaponize Firewalls and Middleboxes for Amplified DDoS Attacks
By: Ravie Lakshmanan
Weaknesses in the implementation of TCP protocol in middleboxes and censorship infrastructure could be weaponized as a vector to stage reflected denial of service (DoS) amplification attacks,...
