Analysis of the CVE-2018-8373 0day vulnerability attack related to the Darkhotel gang
released on 2018-08-17 @ 08:20:03 AM
On August 15, 2018, cybersecurity company Trend Micro disclosed an in-the-day 0day vulnerability attack that it captured in July this year. The attack exploited the code execution vulnerability of Windows VBScript Engine. After analysis and comparison, the 0day vulnerability and 2018 were discovered. In April, the 360 company first discovered the "double kill" vulnerability that affects IE browser and attacks through Office documents (see [1] for details). It uses multiple identical attack technologies, most likely the same gang.