Aug 26 2024 04:41 PM
Hi.
Not sure if this is the right place for this. Does anyone know / have come across, a vulnerability that follows this user journey:
1. Meeting Request Sent to victim via third party
2. Meeting commences
3. Third party accesses victim device (that meeting is taking place on) + devices connected to the network + has ability to modify, delete, add files on network connected devices + schedule events to take place on devices connected to the network.
When experienced the victim witnesses and major increase in CPU and Memory Useage + activity in applications managed at the enterprise level (Adobe Creative Cloud, N-Able, Citrix).
Connected to the attack, the victim also notices otherwise non-malicious scripts launching from PDF and Image documetns that the Third Party had sent in the lead up.