There's a new malware campaign targeting job seekers using an old remote code execution flaw found in Microsoft Office, which is taken advantage of and releases Cobalt Strike beacons on compromised hosts.
Researchers from Cisco Talos, Chetan Raghuprasad and Vanja Svajcer, share that "the payload discovered is a leaked version of a Cobalt Strike beacon. The beacon configuration contains commands to perform targeted process injection of arbitrary binaries and has a high reputation domain configured, exhibiting the redirection technique to masquerade the beacon's traffic."
Discovered in August 2022, this malicious software allows hackers to exploit specific weak points and conduct a remote code execution issue in Microsoft Office, allowing cybercriminals access to the network.
Hungry for more? Join me each week, where I'll break down complex topics and dissect the latest news within the cybersecurity industry and blockchain ecosystem, simplifying the tech world.