Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...
Computerworld

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in exploits, defenders might have hoped use of this tactic would decline. They were ...
CSOonline

Windows shortcuts’ use as a vector for malware may be cut short

A third-party patch management company is cutting short attackers’ use of LNK files to smuggle in malicious commands, while Microsoft prefers to tell the whole story. A longstanding problem with the ...
Dark Reading

North Korean APT Gets Around Macro-Blocking With LNK Switch-Up

North Korea's APT37 threat group is providing fresh evidence of how adversaries have pivoted to using LNK, or shortcut files, to distribute malicious payloads after Microsoft began blocking macros by ...