Windows 0 day exploited in US local govt phishing attacks

Windows zero-day exploited in US local govt phishing attacks. Being the targets of a phishing campaign using malicious Rich Text Format (RTF) documents designed to exploit a critical Windows zero-day vulnerability known as Follina.


The RTF is blocked by most AV and the workaround is to remove the ms-msft key from HKCR. The workaround has been out for over a week. This is CVE-2022-30190.

That’s why governments should use Linux.

You can get phished on Ubuntu too, and I’ve seen a lot more Linux malware being made lately targeting infrastructure. It’s not like there’s no Linux malware, but there’s not a lot of Linux AV/EDR, so there’s a nice gap there. So let’s give the users something they don’t understand, have the help desk try their best with it, and start cobbling together some good logging and monitoring because Linux is more secure?