cognitive cybersecurity intelligence

News and Analysis

Search

New malware campaign uses MSIX packages to infect Windows PCs

Cyberattackers are using MSIX, a Windows application packaging format, to infect PCs and evade detection by encrypting malware, titled Ghostpulse. Researchers at Elastic Security Labs suspect users are prompted to download malicious MSIX packages via breached websites or misleading adverts. By exploiting vulnerabilities in Notepad++, the attackers initiate a staged process in order to download Ghostpulse and other infostealers. The loader overwrites executed instructions to complicate analysis, and can establish persistence.

Source: www.csoonline.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

Risk Non-Payment or Deny Medications

A ransomware attack by the ‘Blackcat’ group on UnitedHealth Group subsidiary Change Healthcare has disrupted payment systems and prescription processing in nearly 90% of US