Menlo Labs has uncovered an increase in a drive-by attack that impersonates legitimate browser, Flash, and Microsoft Teams updates.
In the last two months, the Menlo Labs team has witnessed a surge in drive-by download attacks that use the “SocGholish” framework to infect victims. This particular framework is known to be widely used to deliver malicious payloads by masquerading as a legitimate software update. Isolation prevents this type of attack from delivering its payload to the endpoint. Here’s what we know.