Homeland Security Today

The Missing LNK — Correlating User Search LNK Files

Forensic investigators use LNK shortcut files to recover metadata about recently accessed files, including files deleted after the time of access. In a recent investigation, FireEye Mandiant ...
CSOonline

Attackers move away from Office macros to LNK files for malware delivery

Barriers that Microsoft has placed to prevent malicious macros has forced some cybercriminals to use LNK files for malware delivery, but at the cost of easier detection. For years attackers have used ...
Bleeping Computer

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default. The ...
PC World

Beware! Malware distributors are switching to less suspicious file types

After aggressively using JavaScript email attachments to distribute malware for the past year, attackers are now switching to less suspicious file types to trick users. Last week, researchers from the ...
Bleeping Computer

As Microsoft blocks Office macros, hackers find new attack vectors

We have reported on the use of LNK files by Emotet, Qbot, and IcedID, in all cases masquerading as a Word document to trick the recipient into opening it. However, these link files can be used to ...
heise online

Windows Zero-Day Vulnerability Exploited Against Diplomats During LNK Display

A Zero-Day Vulnerability in the Display of LNK Files in Windows became known at the end of August this year. Microsoft currently plans no fix and does not classify it as highly risky, unlike Trend ...