Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners

A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans RATs and cryptocurrency miners since November 2023. "Beyond cryptomining, the threat actor monetizes infections through CPA Cost Per Action fraud, directing victims to...

CISA Adds Five Known Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32046 Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability CVE-2023-32049 Microsoft Windows Defender SmartScreen Security Feature Bypass...

Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks

An open source command-and-control C2 framework known as Havoc is being adopted by threat actors as an alternative to other well-known legitimate toolkits like Cobalt Strike, Sliver, and Brute Ratel. Cybersecurity firm Zscaler said it observed a new campaign in the beginning of January 2023...

Exploit for CVE-2021-1675

CVE-2021-1675RDLLPE A CS reflection loading plugin for the...