Discord Server Red Security Twitter Donation to Red Security Red Security Youtube Channel Red Security Tumblr Profile
Windscribe
Login or Register to Hide ads and Accessing all features on the forum
Thread Rating:
  • 6 Vote(s) - 3.17 Average
  • 1
  • 2
  • 3
  • 4
  • 5
News Hackers Abusing Windows Management Interface Command Tool
#1
In The Name OF Allah
Al-Salam Alelkum

[Image: New-Project.jpg]

Quote:Attackers use to deliver a shortcut file (.lnk) through URL or link in email or as an attachment, once the user opens the file contains a WMIC command, it downloads the malicious file from the attacker’s remote server. The file downloaded from the remote server is the malicious XSL(eXtensible Stylesheet Language) file and the malicious XSL contains the javascript which is executed using another legitimate application mshta[.]exe used in running Microsoft HTML Application Host.
Researchers said the JavaScript contains a list of 52 domains and it chooses a random URL as well as the random port between 25010-25099 to download the HTA file.
https://gbhackers.com/hackers-abusing-wi...words/amp/


Wa Salam Alekum
Rs
* Thankful to Allah *
Kurdy
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
Star News Homeland Security Issues Urgent Windows Security Warning Over Zerologon Exploit News 0 70 09-21-2020, 09:26 AM
Last Post: News
Exclamation News Windows SMB Protocol Bug Let Hackers Leak Kernel Memory & Execute a Code Remotely Mr.Kurd 0 389 06-12-2020, 08:24 AM
Last Post: Mr.Kurd
Exclamation News $100,000 Bounty Apple Zero-day Bug in “Sign in with Apple” Let Hackers Take Takeover Mr.Kurd 0 348 06-01-2020, 07:42 AM
Last Post: Mr.Kurd
Star News Hackers Are Bundling Cryptominer With a Seemingly Legit Zoom Installer on Unofficial Mr.Kurd 0 379 04-08-2020, 08:43 AM
Last Post: Mr.Kurd
Question News Windows Running MS-SQL Servers Under Attack!! Hackers Installing 10 Secret Backdoors Mr.Kurd 0 333 04-02-2020, 08:38 AM
Last Post: Mr.Kurd
Sad News Critical RCE Bug in WordPress Plugin Let Hackers Gain Admin Access on 200,000 Website Mr.Kurd 0 319 04-01-2020, 11:19 AM
Last Post: Mr.Kurd
Exclamation News Hackers Deliver LimeRAT Malware Using Password Protected Excel Spreadsheet’s Mr.Kurd 0 379 04-01-2020, 11:17 AM
Last Post: Mr.Kurd
Shocked News Hackers Using Zoom’s Popularity in Coronavirus Outbreak to Infect Computers Mr.Kurd 0 442 03-31-2020, 07:36 AM
Last Post: Mr.Kurd
Rainbow News Microsoft Alerts Users Of Zero-Day RCE Vulnerability In Windows 7 Under Active Exploi Mr.Kurd 0 402 03-26-2020, 09:03 AM
Last Post: Mr.Kurd
Exclamation News Hackers Exploiting 2 Unpatched Windows 0-Day Vulnerabilities in Wide – Microsoft Warn Mr.Kurd 0 656 03-24-2020, 07:56 AM
Last Post: Mr.Kurd



Users browsing this thread: 1 Guest(s)