For a detailed advisory, download the pdf file here.
An APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access trojan (RAT) called MysterySnail on compromised servers with the purpose of stealing data. The flaw (CVE 2021 40449) was fixed as part of Microsoft's October Patch Tuesday upgrades, which were released this week.
<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449>
<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/>