Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28's attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
Malicious Payload reporting covers malware components, analysis, infrastructure, disruption, and defensive guidance.
Search across headline titles and summaries.
Background for this topic.
A malicious payload is the code, command, or data in an attack that performs the attacker’s intended action after it reaches a system. It may be a script, executable, document content, or exploit-controlled input that steals information, changes or destroys files, enables unauthorized access, or disrupts services. The term describes the harmful component, not necessarily how it was delivered.
Payloads matter because their behavior determines the practical impact of a vulnerability or delivery event. Useful controls include application allowlisting, script and macro restrictions, attachment and download inspection, endpoint monitoring, and timely patching of software that could execute hostile input. During an investigation, analysts should preserve the payload safely, identify its execution path and observable indicators, isolate affected systems, and check for related activity. Treating suspicious files and commands as untrusted until analyzed helps reduce both execution risk and accidental spread.
Weekly headline count for the current query.
APT28's attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
The persistent infostealer's latest campaign inserts fake CAPTCHA pages into legitimate applications, fooling users into executing the malicious payload, researchers find.
An exploit sold on an underground forum requires user action to download an unspecified malicious payload.
For a while, the botnet spread but did essentially nothing. All the malicious payloads came well after.
Credential-stealing emails are getting past artificial intelligence's "known good" email security controls by cloaking malicious payloads within seemingly benign emails. The tactic poses a significant threat to enterprise networks.
The use of QR codes to deliver malicious payloads jumped in Q4 2023, especially against executives, who saw 42 times more QR code phishing than the average employee.