Novel phishing campaign uses corrupted Word documents to evade security

December 2, 2024 at 05:41PM

A new phishing campaign exploits Microsoft Word’s file recovery feature with corrupted document attachments, evading security measures. These emails, disguised as payroll communications, prompt users to scan a QR code leading to a credential-stealing site. Most antivirus solutions fail to detect these attachments, enhancing their effectiveness.

### Meeting Takeaways

1. …

ESET Flags Prototype UEFI Bootkit Targeting Linux

November 27, 2024 at 12:07PM

ESET has identified a prototype UEFI bootkit, named Bootkitty, targeting specific Ubuntu Linux configurations, marking a shift from Windows-exclusive attacks. While still in development, Bootkitty aims to disable kernel signature verification, allowing unsigned modules to load. A related module, BCDropper, exhibits rootkit-like behavior.

**Meeting Takeaways:**

1. **Discovery of UEFI Bootkit:** …