Hackers Using Microsoft MSHTML Flaw to Spy on Targeted PCs with Malware

The Hacker News describes he way how the Microsoft flaw is being utilized by hackers.

A new Iranian threat actor has been discovered exploiting a now-addressed critical flaw in the Microsoft Windows MSHTML platform to target Farsi-speaking victims with a new PowerShell-based information stealer designed to harvest extensive details from infected machines.

"The stealer is a PowerShell script, short with powerful collection capabilities in only ~150 lines, it provides the adversary a lot of critical information including screen captures, Telegram files, document collection, and extensive data about the victim's environment," SafeBreach Labs researcher Tomer Bar said in a report published Wednesday.

Read more on The Hacker News

Navigating The Threat Landscape 2021: From Ransomware to Botnets

The Hacker News studies Global Threat Landscape Report which indicates a drastic rise in sophisticated cyberattacks targeting digital infrastructures, organizations, and individuals in 2021.

When new threats emerge, attackers take advantage of them, however, most businesses are only aware of the current threats. Organizations struggle to address these threats due to their resource sophistication and their lack of understanding of evolving threat landscapes. For these reasons, organizations need visibility on the advanced threats especially targeting their infrastructure. This article will outline the evolution in the cyber threat landscape 2021.

Read further on The Hacker News