Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

16 September 2021

Microsoft on Wednesday disclosed details of a targeting phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. “These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon loaders,”

Read full article on The Hacker News

Date:

16 September 2021

Categorie(s):

NEWS

Tag(s):

0-Day, Cyber Attack, Deploy, Microsoft, MSHTML

7 Indications That Your Computer Is Malware-Infected27 April 2024
Should I Trust VPN Review Sites?27 April 2024
5 Do’s and Don’ts For Using USB Flash Drives27 April 2024
GitGuardian Researchers Find Thousands of Leaked Secrets in PyPI (Python Package Index) Packages27 April 2024
5 Top Cybersecurity Books You Must Read27 April 2024