Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers.
The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut .lnk files, also known as shell link files, researchers said in a report released Tuesday. A CVE has not been assigned to the vulnerability and Microsoft hasn’t made any commitments to patch or remediate the issue.
[...]
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
-
rbc
- Secretary
- Posts: 374
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Robert B. Carleton + ISC2 Central Mississippi Secretary