
We discovered a new version of SLUB delivered via another unique watering hole website. This malicious site used CVE-2019-0752, an Internet Explorer vulnerability discovered by Trend Micro’s Zero Day Initiative (ZDI) that was just patched this April. This is the first time we have found this exploit used in the wild. This new version of the SLUB malware has stopped using GitHub as a way to communicate and now relies heavily on Slack instead, via two free workspaces.