Security News > 2024 > June > Phishing emails abuse Windows search protocol to push malicious scripts
A new phishing campaign uses HTML attachments that abuse the Windows search protocol to push batch files hosted on remote servers that deliver malware.
The Windows Search protocol is a Uniform Resource Identifier that enables applications to open Windows Explorer to perform searches using specific parameters.
While most Windows searches will look at the local device's index, it is also possible to force Windows Search to query file shares on remote hosts and use a custom title for the search window.
Microsoft deprecates Windows DirectAccess, recommends Always On VPN. Microsoft fixes VPN failures caused by April Windows updates.
Microsoft announces first Windows 10 Beta build since 2021.
Windows 11 KB5039212 update released with 37 changes, fixes.
News URL
Related news
- Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
- Coinbase phishing email tricks users with fake wallet migration (source)
- Why it's time for phishing prevention to move beyond email (source)
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Windows NTLM hash leak flaw exploited in phishing attacks on governments (source)
- Phishing emails delivering infostealers surge 84% (source)