More than a week has passed since Microsoft acknowledged the existence of the “Follina” vulnerability (CVE-2022-30190), after reports of it being exploited in the wild began to crop up here and there. Since then, other state-backed threat actors have started exploiting it, but now one of the most active Qbot (QakBot) malware affiliates has also been spotted leveraging Follina. Archive contains an IMG with a Word doc, shortcut file, and DLL. The LNK will execute … More
The post Qbot – known channel for ransomware – delivered via phishing and Follina exploit appeared first on Help Net Security.