HP Wolf report highlights widespread exploitation of MSHTML, typosquatting and malware families hosted on Discord

HP released its latest Wolf Security Threat Insights Report, finding evidence that cybercriminals are moving even faster in taking advantage of zero-day vulnerabilities and exploiting specific problems like CVE-2021-40444 — the remote code execution vulnerability targeting the MSHTML browser engine through Microsoft Office documents.

The HP Wolf Security threat research team first discovered cyberattackers exploiting CVE-2021-40444 on September 8, one week before Microsoft issued a patch. By September 10, attackers had already created scripts designed to automate the creation of this exploit and shared them on GitHub.

The devastating attack gives cybercriminals a startlingly easy entry point into systems, deploying malware through an Office document that needs only to be previewed for the attack to be initiated.

HP researchers compile the report by analyzing the millions of endpoints running HP Wolf Security. In the latest report, the researchers found that 12% of email malware isolated had bypassed at least one gateway scanner.

Read More: https://www.zdnet.com/article/hp-wolf-report-highlights-widespread-exploitation-of-mshtml-vulnerability-typosquatting-and-malware-families-hosted-on-discord/#ftag=RSSbaffb68