Browsing tag
Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening them and activate the exploitation of CVE-2017-11882 (CVSS score: 7.8), a memory corruption vulnerability in Office’s […]
Microsoft’s decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many threat actors to improvise their attack chains in recent months. Now according to Cisco Talos, advanced persistent threat (APT) actors and commodity malware families alike are increasingly using Excel add-in (.XLL) files as […]
A social engineering campaign leveraging job-themed lures is weaponizing a years-old remote code execution flaw in Microsoft Office to deploy Cobalt Strike beacons on compromised hosts. “The payload discovered is a leaked version of a Cobalt Strike beacon,” Cisco Talos researchers Chetan Raghuprasad and Vanja Svajcer said in a new analysis published Wednesday. “The beacon […]
Microsoft has officially resumed blocking Visual Basic for Applications (VBA) macros by default across Office apps, weeks after temporarily announcing plans to roll back the change. “Based on our review of customer feedback, we’ve made updates to both our end user and our IT admin documentation to make clearer what options you have for different […]
A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. “Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker’s machine,” Fortinet FortiGuard Labs researcher Cara Lin said in a report this week. Tracked as […]
A “dangerous piece of functionality” has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to mount attacks on cloud infrastructure and ransom files stored on SharePoint and OneDrive. The cloud ransomware attack makes it possible to launch file-encrypting malware to “encrypt files stored on SharePoint and OneDrive in […]
A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office “Follina” vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked as CVE-2022-30190 (CVSS score: 7.8). No less […]
An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. “TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day using URLs to deliver ZIP archives which contain Word Documents that use the technique,” enterprise security firm […]
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems. The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document (“05-2022-0438.doc“) that was uploaded to VirusTotal from an IP address in Belarus. […]
Microsoft on Monday said it’s taking steps to disable Visual Basic for Applications (VBA) macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector. “Bad actors send macros in Office files to end users who […]
Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is […]
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S. The attacks, which are believed to have taken place between late June to late July 2021, have been attributed with […]
An Iranian cyberespionage group masqueraded as an aerobics instructor on Facebook in an attempt to infect the machine of an employee of an aerospace defense contractor with malware as part of a years-long social engineering and targeted malware campaign. Enterprise security firm Proofpoint attributed the covert operation to a state-aligned threat actor it tracks as […]
Malware delivery trends change every day. For the last few years, we have observed various hacker groups like ( APT12 to Turla ) uses various techniques to deliver malware on the system or network. One of the best technique hackers groups used is to write malicious code and obfuscate it and embed with Office documents […]
Windows licenses are usually expensive. For example, for an original license of Microsoft’s “Windows 10 Pro” in the official Microsoft store 199.99$ payable. A cheaper alternative is the key marketplace Whokeys.com. Here you can save on licenses for software or games properly! Whokeys is a global marketplace for all types of keys. So Whokeys is […]
Since its enter into force just over a year ago, multiple technology companies have had serious problems complying with the European Union General Data Protection Regulation (GDPR), which could have serious financial consequences an irreversible image damages, data protection specialists say. Now, the Dutch Ministry of Justice and Security’s decision to suspend the use of […]
Are you using LibreOffice? You should be extra careful about what document files you open using the LibreOffice software over the next few days. That’s because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file. LibreOffice is one of the […]
A list of the top 10 most exploited vulnerabilities in 2018 has revealed that Microsoft Office was the favorite victim of cybercriminals. Microsoft Office vulnerabilities appear 8 times in the list with one Adobe Flash Player vulnerability and an AndroidRAT cyber vulnerability being the only mobile device flaw in the list. Recorded Future The list has been […]
Back at Ignite Conference last September, Microsoft announced a number of new features for its Office apps. One of the feature “Insert Data from Picture” teased at the event is finally rolling out to users. The new feature uses Microsoft image-recognition functionality to read a picture’s table data and turn it into an Excel Spreadsheet. The feature is […]
Malicious campaign operators have devised a new method for sending documents with malicious files Phishing campaign operators found ways to prevent malware-loaded Office documents from being detected by some security software solutions; according to network security and ethical hacking specialists from the International Institute of Cyber Security, attackers are deleting links from the relationship file […]
Microsoft said it has started rolling out the redesigned Office app to Windows 10 PCs and in the coming weeks, it will land on all the supported devices that run the current version of Windows 10. The company has been testing the app with the Insider community since December 2018. And it will replace the […]