Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
May 4, 2019
825
Content source
https://thehackernews.com/2022/07/hackers-exploiting-follina-bug-to.html
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems.

"Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortinet FortiGuard Labs researcher Cara Lin said in a report this week.
Click to expand...
thehackernews.com

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Hackers exploit the Follina vulnerability to infect Windows systems with the Rozena backdoor.
thehackernews.com thehackernews.com
 
  • Like
Reactions: upnorth, plat, Trooper and 4 others
Andy Ful

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,481
Although the vulnerability was patched several weeks ago via standard Windows updates, there are still many unpatched machines. The attackers use several well-known delivery methods:

While attacks spotted in early April prominently featured Excel files with XLM macros, Microsoft's decision to block macros by default around the same time is said to have forced the threat actors to pivot to alternative methods like HTML smuggling as well as .LNK and .ISO files.
Click to expand...
 
  • Like
  • Thanks
Reactions: plat, Trooper, Fel Grossi and 2 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware
Replies
0
Views
908
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • Thanks
Security News South Korean hackers exploited WPS Office zero-day to deploy malware
Replies
4
Views
2,371
Security News
cartaphilus
cartaphilus
Gandalf_The_Grey
    • Like
    • +Reputation
Malware News Google: Russian FSB hackers deploy new Spica backdoor malware
Replies
1
Views
1,706
Security News
Juan2go
J

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top