State-sponsored hacking groups, also known as advanced persistent threats (APTs), have adopted this year a new attack technique called “RTF Template Injection,” which has brought a new twist and made their attacks harder to detect and stop. In a report today, email security firm Proofpoint said that APTs from China, Russia, and India are already exploiting this technique, which they also expect to see adopted by financially-motivated threat actors as well. What is RTF Template…

Researchers are warning of a new phishing attack technique, where attackers leverage a legitimate template functionality in the Rich Text Format (RTF) file format in order to retrieve malicious payloads from a remote URL. The attack was observed as early as January, but since then researchers with Proofpoint have observed advanced persistent threat (APT) actors increasingly adopting the phishing tactic in the second and third quarter of 2021. Researchers warn that the simplicity of the…

You consider yourself a responsible person when it comes to taking care of your physical possessions. You’ve never left your wallet in a taxi or lost an expensive ring down the drain. You never let your smartphone out of your sight, yet one day you notice it’s acting oddly.   Did you know that your device can fall into cybercriminals’ hands without ever leaving yours? SIM swapping is a method that allows criminals to take control of your smartphone and break into your online accounts.  Don’t worry:…

You consider yourself a responsible person when it comes to taking care of your physical possessions. You’ve never left your wallet in a taxi or lost an expensive ring down the drain. You never let your smartphone out of your sight, yet one day you notice it’s acting oddly.   Did you know that your device can fall into cybercriminals’ hands without ever leaving yours? SIM swapping is a method that allows criminals to take control of your smartphone and break into your online accounts.  Don’t worry:…

Tripwire’s November 2021 Patch Priority Index (PPI) brings together important vulnerabilities for open-source software components and Microsoft. First on the patch priority list this month are patches for Open Management Infrastructure (CVE-2021-38648, CVE-2021-38647), Eclipse Jetty (CVE-2021-28164), and ExifTool (CVE-2021-22204). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework. These systems should be patched as soon as possible. Up next is a patch for Microsoft Edge (Chromium-based) and Windows Scripting that resolves…

Three APT hacking groups from India, Russia, and China, were observed using a novel RTF (rich text format) template injection technique in their recent phishing campaigns. This technique is a simple yet effective method to retrieve malicious content from a remote URL, and threat analysts expect it to reach a wider audience of threat actors soon. Researchers at Proofpoint spotted the first cases of weaponized RTF template injection in March 2021, and since then, actors…