Cyber alert: NCC-CSIRT warns Nigerians on latest Phishing attack

Discussions and news on the Internet, Web Design and Development, Webmasters And Related Topics
Comment
User avatar
Deon
VIP VIP
Location: Some where in Nigeria
 

December 3rd, 2022, 5:08 pm

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has warned that a new Phishing, Attacks Exploit Windows Zero-Day Vulnerability, can load a malicious QBot malware on the compromised device without triggering any Windows security alerts.
In its advisory, NCC-CSIRT indicated that the vulnerability, which is present in all versions of Windows-based products, presents as Phishing Attacks and Malware threats.
NCC-CSIRT reports that ProxyLife security researcher discovered the new phishing exploit on Windows zero-day vulnerability to drop a Qbot malware without displaying Mark of the Web (MoTW) security warnings.
It said: “To take advantage of the Windows Mark of the Web zero-day vulnerability, threat actors have switched to a new phishing strategy that involves propagating JS files (plain text files that include JavaScript code) signed with forged signatures.
“The newest phishing attempt begins with an email that contains a password for the file along with a link to an allegedly important document.
“When the link is clicked, a password-protected ZIP folder that includes another zip file and an IMG file is downloaded.
“Normally, launching the JS file in Windows would result in a Mark of the Web security warning because it is an Internet-based file. However, the forged signature permits the JS script to function and load the malicious QBot program without triggering any Windows security alerts,” the advisory said.
Accordingly, NCC-CSIRT advised that users apply updates per vendor instructions.


https://www.vanguardngr.com/2022/12/cyb ... ng-attack/

Please share...

An eye for an eye left thousands blind,
remember that......
User avatar
Deon
VIP VIP
Location: Some where in Nigeria
 

December 3rd, 2022, 5:09 pm

😐😐😐

NCC is performing
An eye for an eye left thousands blind,
remember that......
Comment
  • See also...
    Comments
    Views
    Last post
  • Information
  • Online

    Users browsing this section: No members and 1 guest