New XWorm malware attacks involve Follina flaw exploitation

16 May 2023

Ongoing phishing attacks have been distributing the XWorm malware through a novel attack chain involving the exploitation of the Follina vulnerability, tracked as CVE-2022-30190, and the use of a meme-filled PowerShell code, according to The Hacker News. Such a campaign, which has been attributed to the MEME#4CHAN activity cluster, leverages Microsoft Word files using CVE-2022-30190, to facilitate the deployment of an obfuscated PowerShell script that is then exploited to evade anti-malware and Microsoft Defender scans and deploy the XWorm-containing .NET binary, a report from Securonix showed.

Read full article on SC Magazine

Date:

16 May 2023

Categorie(s):

NEWS

Tag(s):

Follina, IT, New, News

Google Guide! How to Detect Browser Data Theft Using Windows Event Logs1 May 2024
NCSC’s New Mobile Risk Model Aimed at “High-Threat” Firms1 May 2024
Millions of Malicious “Imageless” Docker Hub Repositories Drop Malware1 May 2024
Major Cyber Attacks, Data Breaches & Ransomware Attacks in April 20241 May 2024
Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy1 May 2024