Pierluigi Paganini August 15, 2017
CVE-2017-0199: Crooks exploit PowerPoint Slide Show files to deliver malware

According to Trend Micro, cyber criminals abuse the CVE-2017-0199 vulnerability to deliver malware via PowerPoint Slide Show. In April Microsoft fixed the CVE-2017-0199  vulnerability in Office after threat actors had been exploiting it in the wild. Hackers leveraged weaponized Rich Text File (RTF) documents exploiting a flaw in Office’s Object Linking and Embedding (OLE) interface to deliver malware such […]

Pierluigi Paganini May 03, 2017
Chinese TA459 APT exploits CVE-2017-0199 flaw to target Financial firms

Malware researchers at security firm ProofPoint reported the Chinese TA459 APT has exploited the CVE-2017-0199 vulnerability to target Financial firms. The notorious cyber espionage group tracked as TA459 APT has targeted analysts working at major financial firms using the recently patched  CVE-2017-0199 Microsoft Office vulnerability. Experts at Proofpoint published a detailed analysis of the espionage campaign conducted […]

Pierluigi Paganini April 13, 2017
CVE-2017-0199 Zero Day exploit used to deliver FINSPY spyware

Security researchers at FireEye discovered that the Microsoft Word CVE-2017-0199 exploit was linked to cyberspying in Ukraine conflict. The zero-day vulnerability in Microsoft Office that was recently fixed by Microsoft was used to deliver a surveillance malware to Russian-speaking targets. Security experts from firm FireEye spotted the targeted attacks leveraging specifically crafted Microsoft Word documents that […]

Pierluigi Paganini April 12, 2017
Microsoft Patch Tuesday fixes three flaws actively exploited in attacks in the wild

Today Microsoft Patch Tuesday fixed the zero-day Word vulnerability that has been actively exploited in attacks in the wild. Microsoft today patched the zero-day Word vulnerability that has been exploited in attacks in the wild. Just yesterday I wrote about a phishing campaign leveraging the flaw to deliver the Dridex banking Trojan. Microsoft published security […]