[HackerNews] Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines.
“[T]he stealer is a PowerShell script, short with powerful collection capabilities — in only ~150 lines, it provides the

Source: Read More (The Hacker News)

You might be interested in …

[ThreatPost] Cyberattackers Hit Data of 80K Fertility Patients

All posts, ThreatPost

Fertility Centers of Illinois’ security measures protected electronic medical records, but the attackers still got at extremely intimate data in admin files. Source: Read More (Threatpost)

Read More

[SecurityWeek] SonicWall Patches Y2K22 Bug in Email Security, Firewall Products

All posts, Security Week

Cybersecurity firm SonicWall says it has released patches for some of its email security and firewall products to address a bug that resulted in failed junk box and message log updates. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[HackerNews] New SideWalk Backdoor Targets U.S-based Computer Retail Business

All posts, HackerNews

A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia. Slovak cybersecurity firm attributed the malware to an advanced persistent threat it […]

Read More