[HackerNews] FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S.
The attacks, which are believed to have taken place between late June to late July 2021, have been attributed with “moderate confidence” to a

Source: Read More (The Hacker News)

You might be interested in …

[SANS ISC] Changing BAT Files On The Fly, (Mon, Aug 2nd)

All posts, Sans-ISC

I often use Windows BAT files, simple ones, to execute a series of commands. And over the years, I learned not to change these BAT files while they were executing, because cmd.exe would “notice” those changes when it has to execute the next command in the BAT file, and read the changed file, leading to […]

Read More

[ZDNet] Open source: Google is going to pay developers to make projects more secure

All posts, ZDNet

Developers offered rewards for hardening open-source software projects against supply chain risks. Source: Read More (Latest topics for ZDNet in Security)

Read More

[HackerNews] Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products

All posts, HackerNews

Cisco this week shipped patches to address a new round of critical security vulnerabilities affecting Expressway Series and Cisco TelePresence Video Communication Server (VCS) that could be exploited by an attacker to gain elevated privileges and execute arbitrary code. The two flaws – tracked as CVE-2022-20754 and CVE-2022-20755 (CVSS scores: 9.0) – relate to an arbitrary file […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.