Translate

Thursday, 16 September 2021

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

Microsoft on Wednesday disclosed details of a targeting phishing campaign that leveraged a now-patched zero-day flaw in its MSHTML platform using specially-crafted Office documents to deploy Cobalt Strike Beacon on compromised Windows systems. "These attacks used the vulnerability, tracked as CVE-2021-40444, as part of an initial access campaign that distributed custom Cobalt Strike Beacon

No comments:

Post a Comment