Microsoft has announced recent detection of a state sponsored actor HAFNIUM using an unpatched vulnerability to exploit scheduled tasks to compromise Windows environments via scheduled tasks.
The scheduled tasks are "hidden" due to a registry setting. Subsequent actions hide the scheduled task artifacts and provide persistence across reboots.
For more information see this Microsoft article.
No comments:
Post a Comment