#ElasticSecurity

New attack uses MSC files and Windows XSS flaw to breach networks

by

June 24, 2024 at 03:14PM The command execution technique “GrimResource” exploits an unpatched Windows XSS flaw using malicious MSC files to deploy Cobalt Strike malware. This technique was recently found to be actively exploited in the wild, leveraging an old vulnerability in the Microsoft Management Console. The attack can lead to the execution of other … Read more

New attack uses MSC files and Windows XSS flaw to breach networks

by

June 24, 2024 at 03:06PM A novel command execution technique, ‘GrimResource,’ leverages an unpatched Windows XSS flaw and specially crafted MSC files to deploy malware. This technique successfully evades detection and current antivirus engines. The attack begins with a malicious MSC file exploiting a known XSS vulnerability, ultimately leading to the deployment of Cobalt Strike … Read more