Computerworld

Critical Windows vuln. in .LNK files = Stuxnet (and IE IV)

Eeek! All versions of Microsoft Windows have a nasty shortcut-file vulnerability, it has emerged. Simply displaying the icon of a crafty .LNK file will cause malware infection. The Stuxnet worm has ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...
Threat Post

USB-based Wormable Malware Targets Windows Installer

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. Wormable malware dubbed Raspberry ...
CSOonline

New Windows zero-day feared abused in widespread espionage for years

A zero-day vulnerability stemming from how Windows User Interface handles its shortcut (.lnk) files has been exploited by at least 11 nation-state actors in widespread threat campaigns. According to ...
CSOonline

APT exploits Windows zero-day to launch zombie IE attack

Last week’s patched Microsoft file spoofing flaw has been exploited in the wild by APT group Void Banshee by resurrecting Internet Explorer without the user’s knowledge. An APT group has been ...
Dark Reading

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...