Computerworld

Critical Windows vuln. in .LNK files = Stuxnet (and IE IV)

Eeek! All versions of Microsoft Windows have a nasty shortcut-file vulnerability, it has emerged. Simply displaying the icon of a crafty .LNK file will cause malware infection. The Stuxnet worm has ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...
Threat Post

USB-based Wormable Malware Targets Windows Installer

Activity dubbed ‘Raspberry Robin’ uses Microsoft Standard Installer and other legitimate processes to communicate with threat actors and execute nefarious commands. Wormable malware dubbed Raspberry ...
CSOonline

Attackers move away from Office macros to LNK files for malware delivery

Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection. For years attackers have used ...
CSOonline

New Windows zero-day feared abused in widespread espionage for years

A zero-day vulnerability stemming from how Windows User Interface handles its shortcut (.lnk) files has been exploited by at least 11 nation-state actors in widespread threat campaigns. According to ...
Bleeping Computer

QBot phishing abuses Windows Control Panel EXE to infect devices

Phishing emails distributing the QBot malware are using a DLL hijacking flaw in the Windows 10 Control Panel to infect computers, likely as an attempt to evade detection by security software. DLL ...