Hackers Use Windows 10 RDP ActiveX Control to Run TrickBot Dropper

A group of hackers is using the remote desktop ActiveX control in Word documents to automatically execute on Windows 10 a malware downloader called Ostap that was seen recently adopted by TrickBot for delivery. The threat actor delivered the malicious documents via phishing emails disguised as notifications of a missing payment. The malicious code for Ostap downloader is present in the document in font that has the same color as the background, making it invisible to the human eye. The attackers did not populate the “server”” field in the MsRDPClient10NotSafeForScripting class

Source:

Something Fresh

What to Know About The Jamaica Data Protection Act

St Vincent and the Grenadines embracing CariSECURE

Jamaica's Gov’t Looking to Finalize Data Protection Act Regulations

What People Reading

Feedback and data-driven updates to Googles disclosure policy

Mozilla Says Google's New Ad Tech - FLoC - Doesn't Protect User Privacy

Certificate Security in the Wild West

This Week's TV: Felicia Day Plays a Hacker with a Dungeons and Dragons Tattoo

RSA: Geolocation shows just how dead privacy is

Categories

Partners

Just add here your partners image or promo text