The Ukraine Computer Emergency Response Team (CERT-UA) said Russian hackers are exploiting the Follina vulnerability in new phishing campaigns to install CredoMap malware and Cobalt Strike beacons. According to experts, the APT28 hacker group (Strontium, Fancy Bear and Sofacy) sends out emails with a malicious document called “Nuclear Terrorism Is a Real Threat.rtf”. The hackers… Continue reading Russian Hackers Use Follina Vulnerability to Attack Users in Ukraine
Tag: Follina
Microsoft Fixed Follina Vulnerability and 55 Other Bugs
As part of the June Patch Tuesday, Microsoft finally fixed the Follina Critical Vulnerability associated with Windows MSDT, and fixed 55 more bugs in its products. As a reminder, Follina (CVE-2022-30190) is a remote code execution issue in the Microsoft Windows Support Diagnostic Tool (MSDT) and affects all versions of Windows that receive security updates… Continue reading Microsoft Fixed Follina Vulnerability and 55 Other Bugs
Trojan Qbot Took Advantage of the Famous Follina Vulnerability
The researchers warned that the Qbot malware is already exploiting an unpatched zero-day vulnerability in Windows MSDT called Follina. Let me remind you that the discovery of Follina became known at the end of May, although the first researchers discovered the bug back in April 2022, but then Microsoft refused to acknowledge the problem. The… Continue reading Trojan Qbot Took Advantage of the Famous Follina Vulnerability
Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster
Hackers are actively exploiting the critical 0-day Follina vulnerability, which Microsoft is in no hurry to fix. Researchers warn that European governments and municipalities in the US have been targeted by a phishing campaign using malicious RTF documents. Let me remind you that the discovery of Follina became known at the end of May, although… Continue reading Microsoft Is in No Hurry to Fix the Follina Vulnerability, Which Has Become a Real Disaster
Chinese Hackers Attack Fresh 0-day Follina Vulnerability
Experts have warned that Chinese hackers are already actively exploiting a 0-day vulnerability in Microsoft Office known as Follina to remotely execute malicious code on vulnerable systems. Let me remind you that the discovery of Follina became known a few days ago, although the first researchers discovered the bug back in April 2022, but then… Continue reading Chinese Hackers Attack Fresh 0-day Follina Vulnerability
Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office
Security researchers recently discovered a zero-day vulnerability in Microsoft Office dubbed Follina. The bug can be exploited through the normal opening of a Word document, using it to execute malicious PowerShell commands through the Microsoft Diagnostic Tool (MSDT). Let me remind you that we also wrote that Lapsus$ hack group stole the source codes of… Continue reading Attackers Are Already Exploiting the Fresh 0-day Follina Bug in Microsoft Office