New attack uses MSC files and Windows XSS flaw to breach networks
June 24, 2024 at 03:14PM The command execution technique “GrimResource” exploits an unpatched Windows XSS flaw using malicious MSC files to deploy Cobalt Strike malware. This technique was recently found to be actively exploited in the wild, leveraging an old vulnerability in the Microsoft Management Console. The attack can lead to the execution of other … Read more