Microsoft SmartScreen vulnerability delivers Magniber Ransomware

    Cyber criminals are exploiting SmartScreen bugs in Microsoft software to deliver Magniber ransomware. So far, the infection has spread to thousands of devices, as the Windows operating system giant issued no red flag alerts in advance.

    Google’s Threat Analysis Group (TAG) was the first to warn about the issue and immediately notified the Redmond giant about the vulnerability. The tech giant immediately analyzed the bug and issued a patch for the MS Office vulnerability tracked as CVE-2023-24880.

    Another bug of a similar sort, dubbed CVE-2023-44698, was discovered in December. Although the software company issued a patch, it seems it hasn’t covered all the required systems.

    Both flaws were traced to an existing weakness in the Mark-of-the-Web feature, which is supposed to raise red flags on detecting malicious downloads from the web, USB devices, and other untrusted sources. As a result, victims were led to Microsoft Software Installer (MSI) files packed with the file-encrypting malware and carrying a malformed signature.

    TAG concluded that most of the 100,000 downloads of the malicious MSI files were from Europe, which is contrary to Magniber's usual activity of targeting systems in Taiwan and South Korea.

    In other news, Silicon Valley-based data security company Rubrik has reportedly become a victim of a ransomware attack, which is yet to be confirmed. At first, a source from the company reported that the attack was caused by exploiting a vulnerability in Microsoft software.

    However, upon inquiry, it was discovered that the hackers exploited a zero-day flaw in Fortra's GoAnywhere file-sharing software.

    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security
