Threat Advisories

The surge of cryptojacking campaigns

October 12, 2022

Threat Level

Attack Report

For a detailed threat advisory, download the pdf file here

Summary

Recent cryptojacking campaigns disclosed that intruders exploited DLL Side-Loading issues in Microsoft OneDrive by writing a fake secur32.dll file to establish persistence and operate undetected on compromised systems.

POLONIUM employs backdoors to target Israel

Did Patch Tuesday address the zero-day flaw in Microsoft Exchange