top of page
Search

Threat analysis: Follina exploit fuels 'live-off-the-land' attacks

Writer's picture: StormsecStormsec

An analysis of three in-the-wild payloads delivered using the recently discovered Follina exploit shows how attackers can use it to achieve persistent access in victim environments and turbo-charge efforts to ‘live off the land’ and avoid detection by security monitoring tools.




MALWARE FAMILIES: Cobalt Strike, Mimikatz


ATT&CK IDS: T1055 - Process Injection, T1059 - Command and Scripting Interpreter, T1027 - Obfuscated Files or Information, T1003 - OS Credential Dumping, T1559 - Inter-Process Communication, T1566 - Phishing, T1210 - Exploitation of Remote Services, T1078 - Valid Accounts


Read More:

1 view

Comentarios


Los comentarios se han desactivado.
bottom of page