Attackers are actively attempting to exploit a vulnerability in MSHTML that allows them to craft a malicious ActiveX control to be used by Microsoft Office files.
Source: Read More (Threatpost)
You might be interested in …
[HackerNews] Russian Pushing New State-run TLS Certificate Authority to Deal With Sanctions
The Russian government has established its own TLS certificate authority (CA) to address issues with accessing websites that have arisen in the wake of sanctions imposed by the west following the country’s unprovoked military invasion of Ukraine. According to a message posted on the Gosuslugi public services portal, the Ministry of Digital Development is expected to provide […]
[SANS ISC] Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink, Cisco and more, (Tue, Jun 15th)
Vulnerable perimeter devices remain a popular target, and we do see consistent exploit attempts against them. This weekend, Guy wrote about some scans for Fortinet vulnerabilities [1], and Xavier notes that Crowdstrike observed attacks against EoL Sonicwalls [2]. Starting earlier this month, we did also observe a consistent trickle of requests looking for a relatively recent […]
[ESET] Ousaban: Private photo collection hidden in a CABinet
Another in our occasional series demystifying Latin American banking trojans The post Ousaban: Private photo collection hidden in a CABinet appeared first on WeLiveSecurity Source: Read More (WeLiveSecurity)