QakBot Malware Used Unpatched Vulnerability to Bypass Windows OS Security Feature
Malware Analysis, News and Indicators - Latest topics malware.news
Executive Summary
This paper investigates a recent QakBot phishing campaign's ability to evade Mark-of-the-Web (MoTW) security features, allowing for escape from the designated security zone and successful installation of malicious software on the victim's device. Key observations:
EclecticIQ analysts investigated QakBot phishing campaigns switching to a zero-day vulnerability to evade Windows Mark of the Web (MoTW). QakBot may be able to increase its infection success rate as a result of the switch to a zero-day exploit.
The threat actor distributes QakBot …