Computerworld

Critical Windows vuln. in .LNK files = Stuxnet (and IE IV)

Eeek! All versions of Microsoft Windows have a nasty shortcut-file vulnerability, it has emerged. Simply displaying the icon of a crafty .LNK file will cause malware infection. The Stuxnet worm has ...
Bleeping Computer

Malicious Windows 'LNK' attacks made easy with new Quantum builder

Malware researchers have noticed a new tool that helps cybercriminals build malicious .LNK files to deliver payloads for the initial stages of an attack. LNKs are Windows shortcut files that can ...
Hosted on MSN

Microsoft isn't fixing 8-year-old shortcut exploit abused for spying

An exploitation avenue found by Trend Micro in Windows has been used in an eight-year-long spying campaign, but there's no sign of a fix from Microsoft, which apparently considers this a low priority.
Arabian Post on MSN

Chollima hackers expand phishing with stealth LNK malware

A coordinated cyber-espionage campaign attributed to the Chollima advanced persistent threat group has drawn attention from security researchers after attackers used malicious Windows shortcut files ...
CSOonline

New Windows zero-day feared abused in widespread espionage for years

A zero-day vulnerability stemming from how Windows User Interface handles its shortcut (.lnk) files has been exploited by at least 11 nation-state actors in widespread threat campaigns. According to ...
Ars Technica

Can someone analyze this MALWARE string?

It's not particularly surprising, as that bit of code doesn't actually seem to contain the malware. It's shady as all fuck, but it depends on the existence of the .lnk file to actually do anything. If ...
Infosecurity-magazine.com

Windows Shortcut Flaw Exploited by 11 State-Sponsored Groups

A newly discovered cyber vulnerability, ZDI-CAN-25373, has been actively exploited by 11 state-sponsored threat groups from North Korea, Iran, Russia and China since 2017. According to the Trend Zero ...