Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

16 September 2021

Microsoft on Wednesday disclosed details of a targeting phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. “These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders,”

Read full article on The Hacker News

Date:

16 September 2021

Categorie(s):

NEWS

Tag(s):

0-Day, Cyber Attack, Deploy, Microsoft, MSHTML

North Korea’s Lazarus observed testing new macOS trojan in the wild14 November 2024
NSO – not government clients – operates its spyware, legal documents reveal14 November 2024
A Look at New Forms of Marketing and How to Implement Them14 November 2024
Cybercriminal devoid of boundaries gets 10-year prison sentence14 November 2024
These 8 Apps on Google Play Store Contain Android/FakeApp Trojan14 November 2024