Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar. “Attackers now use the polyglot technique to confuse security solutions that don’t properly validate the JAR file […]
Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.” Introduced in 2012, TCC is meant to help users configure the privacy settings in their applications, including access to […]
The attacks start with spear-phishing messages that employ lures relevant to the targeted organizations, such as aviation, travel, and cargo, and deliver an image that pretends to be a PDF file and which contains an embedded link. The attackers abuse legitimate web services and they leverage a newly identified loader dubbed Snip3 for the delivery […]
Latest Comments