Attackers have been exploring new forms of phishing bait that will entice users to click and have reportedly had success exploiting Bangladesh’s Cairo embassy website, according to researchers at Trustwave.
Research conducted at the end of October 2018 revealed that the Coinlmp web miner created a block for a government facility domain. Only two months later, the threat team detected a Microsoft Word document with an embedded malicious EPS script for the same domain. According to today’s blog post, the office document contains an EPS file and exploits a use-after-free vulnerability, CVE-2017-0261.
By Kacy Zurkus