U.S. Cyber Command Warns of Outlook Flaw Exploited by Iranian Hackers
#1
Quote:The U.S. Cyber Command (USCYBERCOM) on Tuesday warned that it had spotted attacks exploiting a Microsoft Outlook vulnerability tracked as CVE-2017-11774 in an effort to deliver malware.
 
According to USCYBERCOM, which started sharing malware samples via the VirusTotal intelligence service in November 2018, the attackers delivered malware using the customermgmt.net domain. USCYBERCOM has shared several malware samples related to the attack and advised users to ensure that they have patched CVE-2017-11774.
 
[Image: CYBERCOM_tweet.png]

The vulnerability, which Microsoft fixed in October 2017, has been described as a security feature bypass that can allow an attacker to execute arbitrary commands on targeted systems. The flaw was discovered by researchers at SensePost, which integrated the exploit into its open source testing tool Ruler.
 
FireEye reported in December 2018 that the Iran-linked cyberspy group tracked as APT33 had been using CVE-2017-11774 and the Ruler tool to deliver malware. FireEye believes the attacks referenced by USCYBERCOM were also launched by APT33.

SOURCE: https://www.securityweek.com/us-cyber-co...an-hackers
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
AMD prepares Linux support for new Low P...
AMD Linux patch ad...harlan4096 — 07:16
Opera 149.0.7827.197
Dear Opera Users! ...harlan4096 — 07:14
Privazer 4.0.124.1 (28 June 2026)
v4.0.124.1 (28 Jun...harlan4096 — 07:13
GlassWire 3.9.1102 - (June 29, 2026)
Version 3.9.1102 -...harlan4096 — 07:12
AMD Radeon Software Adrenalin 26.6.4 dri...
AMD Radeon Software...harlan4096 — 07:10

[-]
Birthdays
Today's Birthdays
avatar (43)uapedDow
avatar (47)suiscced
avatar (48)Angarpaf
avatar (41)clarissalo60
Upcoming Birthdays
avatar (47)dapedDow
avatar (49)TromPerl
avatar (46)RidgeDimb
avatar (37)ipumaqar
avatar (51)tanliorsPeri
avatar (43)lapedDow
avatar (49)rituabew
avatar (37)omyjul
avatar (41)papedDow
avatar (50)ArnoldFum
avatar (38)yfaza
avatar (49)Kevensi
avatar (48)ConradRoand
avatar (39)boineDon
avatar (51)spoofTum
avatar (50)WillieVot
avatar (40)Grompelbawn
avatar (41)vkseogaF
avatar (37)usogy
avatar (41)optsaZes
avatar (40)RaymondViata
avatar (40)ywixazok
avatar (38)ixoqe
avatar (56)Step 1
avatar (36)pa.OpenTran

[-]
Online Staff
There are no staff members currently online.

>