Bleeping Computer

Phishing emails abuse Windows search protocol to push malicious scripts

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. The Windows Search protocol is a ...
Bleeping Computer

Hackers abuse Windows error reporting tool to deploy malware

When WerFault.exe is launched, it will use a known DLL sideloading flaw to load the malicious 'faultrep.dll' DLL contained in the ISO. Normally, the 'faultrep.dll' file is a legitimate DLL by ...