In this week’s review:
- A DFIR Report with no Ransomware and no Cobalt Strike
- Path Traversal & MOTW Bypass – DIAGCAB Windows Zero-day aka “Dogwalk”
- Linux version of Black Basta ransomware targets VMware ESXi servers
- TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt)
If you’re on to go, listen here or on your favorite podcast app: https://cyberthreatperspective.buzzsprout.com/1731753/10771949-june-10th-2022-ctp-week-in-review-dogwalk-qakbot-follina-esxi-ransomware
Blog:Â https://offsec.blog/
Youtube:Â https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfw
Twitter:Â https://twitter.com/cyberthreatpov
Work with Us:Â https://securit360.com