Get a Pentest and security assessment of your IT network.

Cyber Security

8-Year-Old VelvetSweatshop Bug Resurrected in LimeRAT Campaign

Researchers have discovered a fresh campaign using Excel files to spread LimeRAT malware making use of the hardcoded, VelvetSweatshop default password for encrypted files. The hardcoded password is a well-known issue addressed in 2012 (CVE-2012-0158) that was also presented at Virus Bulletin in 2013. Mimecast said it has notified Microsoft that the vulnerability is once again being used. The new attack however, uses a different tack it sends malicious, encrypted Excel files using read-only mode.

Source: https://threatpost.com/velvetsweatshop-bug-resurrected-limerat/154310/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation