Security News > 2024 > June > Phishing emails abuse Windows search protocol to push malicious scripts
A new phishing campaign uses HTML attachments that abuse the Windows search protocol to push batch files hosted on remote servers that deliver malware.
The Windows Search protocol is a Uniform Resource Identifier that enables applications to open Windows Explorer to perform searches using specific parameters.
While most Windows searches will look at the local device's index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window.
Microsoft deprecates Windows DirectAccess, recommends Always On VPN. Microsoft fixes VPN failures caused by April Windows updates.
Microsoft announces first Windows 10 Beta build since 2021.
Windows 11 KB5039212 update released with 37 changes, fixes.
News URL
Related news
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)
- European companies hit with effective DocuSign-themed phishing emails (source)