Symantec: More malware operators moving in to exploit Follina (June 2022)
While enterprises are still waiting for Microsoft to issue a fix for the critical "Follina" vulnerability in Windows, yet more malware operators are moving in to exploit it.
"Symantec has observed attackers using a similar HTML file to that used in the initial attack. Multiple attackers are using a variety of payloads at the end of successful exploitation."
Follina is a remote code execution (RCE) vulnerability in the Microsoft Support Diagnostic Tool that allows attackers to subvert the ms-msdt protocol handler process.
Attackers can use a specially crafted Word document that loads a malicious HTML file through the application's remote template function, according to Symantec.
Threat hunters with cybersecurity vendor Kaspersky also have been tracking attacks using the Follina flaw, noting in a blog post this week that organizations in the US are particularly being targeted.
"We expect to see more Follina exploitation attempts to gain access to corporate resources, including for ransomware attacks and data breaches," they wrote.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/06/09/symantec-follina-microsoft/