Cyber Security, zero-day vulnerability in Cisco RV042 and RV042G routers
Cisco RV042 and RV042G routers are affected by a zero-day vulnerability, CVE-2020-3431. CyCognito experts: a Cross-Site Scripting (XSS) flaw gives cybercriminals an easy path to taking control of a router administrator’s web configuration utility. The issue has been fixed with a patch.
Cisco RV042 and RV042G routers are affected by a zero-day vulnerability, CVE-2020-3431, discovered by CyCognito cyber security experts. It is a Cross-Site Scripting (XSS) flaw caused by insufficient validation of user-supplied input by the web-based management interface of the affected software. It gives attackers an easy path to taking control of a router administrator’s web configuration utility, a position that allows them to perform all admin actions, from viewing and modifying sensitive information to taking control of the router or moving laterally to gain access to other systems, as well as phishing for credentials. The researchers reported the problem to the manufacturer and then worked with it on the issue. The company has recently released a patch that fixes it.