Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

WinRAR exploit used by MuddyWater APT phishing gang

Muddywater-20190412105446547

A WinRAR exploit discovered recently Check Point Software has been used in part of a phishing campaign by cyberspy group MuddyWater.

According to a blog post by Microsoft’s Office 365 ATP Research Team, the vulnerability was used in part of an intricate attack to execute a fileless PowerShell backdoor. Rex Plantado of Microsoft's Office 365 ATP Research Team said the attack used techniques that are similar to campaigns carried out by the activity group known as MuddyWater.

Plantado said that the attack started with a spear-phishing email purporting to be from the Ministry of Foreign Affairs (MFA) of the Islamic Republic of Afghanistan. This email was sent to very specific targets and asked for "resources, telecommunication services and satellite maps". The email came with a Word document attachment.

"When opened, the document asks the recipient to download another document from a now-inactive OneDrive link. While the URL was down during our analysis, we still reported...(continued)

View All Trending Stories