Researchers at Forcepoint X-Labs have exposed a new mode of malware delivery using a virtual hard disk image file (.vhd) instead of infected documents or executable files. The technique involves sending a phishing email with a seemingly innocent purchase order and the .vhd file as an attachment. When opened, the file appears as a new drive containing a malicious script designed to attack the computer and evade detection.
Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups
A newly identified cyber vulnerability, ZDI-CAN-25373, affecting Windows Shell Link (.lnk) files, has been exploited since 2017 by 11 state-backed threat groups from North Korea,
