A Microsoft Office zero-day, also dubbed the MSHTML attack, has been exploited to target the Russian government, including the Interior Ministry and the State Rocket Center.
The Malwarebytes Intelligence team reports that the MSHTML vulnerability tracked as CVE-2021-40444 has become the focus of threat actors targeting Russian government entities.
Malwarebytes researchers intercepted phishing email attachments revealing that attackers were trying to target Russian organizations.
The CVE-2021-40444 vulnerability involves ActiveX. The flaw itself is old, but it was discovered only recently, and threat actors soon started sharing its PoCs, tutorials, and exploits on hacking forums, giving interested individuals step-by-step instructions for launching their own attacks.
Microsoft responded promptly by publishing mitigation guidelines, disabling the installation of new ActiveX controls, and releasing a patch in its latest Patch Tuesday report. However, patching takes comparatively longer than the time it takes people to exploit the flaw.
Email Template Explanation
The first template Malwarebytes