A remote code execution (RCE) vulnerability, CVE-2022-30190, known as "Follina", affects the Microsoft Support Diagnostic Tool (MSDT) in Windows. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application.
Conti is a ransomware-as-a-service (RaaS) group that allows affiliates to rent access to its infrastructure to launch attacks. The group has encrypted the networks of hospitals, businesses and government agencies, and in many cases has received a significant ransom payment in exchange for the decryption key.
Security research has discovered a new malware campaign that disguises itself as a Windows 10 Pro license activator. The malware is a remote access trojan known as BitRAT, and it is being distributed via webhards, which are online file-sharing services popular in South Korea.