Qbot – known channel for ransomware – delivered via phishing and Follina exploit

More than a week has passed since Microsoft acknowledged the existence of the “Follina” vulnerability (CVE-2022-30190), after reports of it being exploited in the wild began to crop up here and there. Since then, other state-backed threat actors have started exploiting it, but now one of the most active Qbot (QakBot) malware affiliates has also been spotted leveraging Follina. Archive contains an IMG with a Word doc, shortcut file, and DLL. The LNK will execute … More →

The post …

acros security channel don't miss enterprise exploit follina hot stuff malware microsoft phishing proofpoint qbot ransomware smbs vulnerability windows windows server