(Photo/Reuters)
Foreign media Ilsoftware reported that Microsoft released a routine security update patch for the Windows system in early November, patching a zero-day vulnerability called “CVE-2022-41091”. Hackers used it to launch a wave of large-scale phishing attacks to spread the Qbot malware to attack the computer devices of the hackers In addition to the possibility of malicious infection of the files and files in the device, they may even even faced with malicious blackmail Information security risks from software threats.
Although the patch file for this zero-day vulnerability was released in Microsoft’s Windows cumulative update file in November, according to foreign ProxyLife security personnel, Microsoft has not completely fixed all the bugs of this vulnerability, leading to some cases, Still not automatically jump out of the prompt security warning. In addition to downloading the update files released in November as soon as possible, Windows users are encouraged to be very vigilant against unknown source URLs and file downloads included in emails during the period before Microsoft released certain information security patch files in December. awake
This wave of attacks using zero-day vulnerabilities to spread the Qbot malware is mainly through email phishing campaigns, using URL links and attached files in emails, and adding a special attribute called “Web Mark”, in order to deceive the security trust of the Windows system, and secretly spread the Qbot malware without displaying the security warning of the web page, and hide it as an executable file such as “wermgr.exe” or “AtBroker.exe” , so that the victim Hackers mistakenly think that they are safe archives when they are not aware.
Once the open button is clicked, the installation of the Qbot malware will be run silently in the background. When successfully invading the computer device, it may not only cause the file files in the computer device to be maliciously infecting and damaging them, but also stealing the victim’s electronic data The email was used to launch another wave of phishing attacks. Take, for example, the Black Basta ransomware attack that has hit the web.
you might want to see too
2 Qatar World Cup Official App Reveals Information Security Risks! EU regulatory warning: mobile phone data is collected
No need to smoke, no need to rush. Now use the APP to watch the news Guaranteed to win every day Point me to download the APP and follow the method of watching activities
