Hackers are exploiting an old Microsoft Office vulnerability (CVE-2017-11882) to deploy the Agent Tesla malware through decoy Excel documents in phishing campaigns, Zscaler ThreatLabz reports. A concealed DLL is injected into RegAsm.exe, the Windows Assembly Registration Tool, to launch the final payload. Other discovered phishing campaigns target the hospitality sector, using email messages to distribute information-stealer malware such as RedLine Stealer or Vidar Stealer.
China-Backed Hackers Infiltrate U.S. Treasury
The US Treasury was hacked by a Chinese state-sponsored actor, who stole a key to access unclassified documents. This follows other incidents where Chinese groups infiltrated