Lucene search

K
hiveproHive ProHIVEPRO:19810CA69EE792A741AC657E50CAAAEE
HistoryOct 13, 2021 - 8:52 a.m.

Microsoft patches a vulnerability that was used in MysterySnail RAT Campaign

2021-10-1308:52:05
Hive Pro
www.hivepro.com
47

THREAT LEVEL: Red.

For a detailed advisory, download the pdf file here.

An APT espionage campaign leveraged a zero-day exploit for Microsoft Windows to escalate privileges and obtain access to Windows servers. The exploit chain culminated in the installation of a newly discovered remote access trojan (RAT) called MysterySnail on compromised servers with the purpose of stealing data. The flaw (CVE 2021 40449) was fixed as part of Microsoft's October Patch Tuesday upgrades, which were released this week.

Vulnerability Details

Actor Details

Indicators of Compromise (IoCs)

Patch Link

<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40449&gt;

References

<https://securelist.com/mysterysnail-attacks-with-windows-zero-day/104509/&gt;