Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80 customers worldwide. Researchers from security firm Check Point uncovered a new Office malware builder called APOMacroSploit, which was employed in attacks that targeted more than 80 customers worldwide. APOMacroSploit is a macro builder that was […]
Microsoft is warning of an active spam campaign targeting European languages that leverages an exploit to infect simply by opening the attachment. Microsoft issued a warning on Friday about an ongoing spam campaign that is targeting European users. Spam messages are carrying weaponized RTF documents that could infect users with malware without any user interaction, […]
Security experts from FireEye have spotted a new strain of the Zyklon malware that has been delivered by using new vulnerabilities in Microsoft Office. Researchers at FireEye reported the malware was used in attacks against organizations in the telecommunications, financial, and insurance sectors. Zyklon has been spotted for the first time in 2016, it is a publicly available […]
Microsoft has released the January 2018 Patch Tuesday security updates, containing fixes for 56 vulnerabilities including the zero-day vulnerability CVE-2018-0802 in MS Office. Microsoft has released the January 2018 Patch Tuesday security updates, containing fixes for 56 vulnerabilities including a zero-day vulnerability in MS Office. 16 security updates are rated as critical, 38 as important, 1 […]
Ops, a 17-Year-Old flaw in MS Office, tracked as CVE-2017-11882, could be exploited by remote attackers to install a malware without user interaction. Ops, a 17-Year-Old vulnerability in MS Office could be exploited by remote attackers to install a malware without user interaction. The flaw is a memory-corruption issue that affects all versions of Microsoft […]
Microsoft October Patch Tuesday addresses the CVE-2017-11826 Office Zero-Day vulnerability that has been exploited in the wild in targeted attacks. Yesterday we discussed Microsoftâs October Patch Tuesday addressed three critical zero-day security vulnerabilities tied to the DNSSEC protocol. Going deep in the analysis of the Patch Tuesday updates for October 2017 we can see that Microsoft addressed […]
According to Trend Micro, cyber criminals abuse the CVE-2017-0199 vulnerability to deliver malware via PowerPoint Slide Show. In April Microsoft fixed the CVE-2017-0199  vulnerability in Office after threat actors had been exploiting it in the wild. Hackers leveraged weaponized Rich Text File (RTF) documents exploiting a flaw in Officeâs Object Linking and Embedding (OLE) interface to deliver malware such […]
Microsoft has released the month’s Microsoft Patch Tuesday that has fixed 33 vulnerabilities, most of them critical and affecting Internet Explorer. Here we are to discuss the last month’s Microsoft Patch Tuesday that this month fixed for 33 vulnerabilities, most of them affecting Internet Explorer. The experts warned that that many of the vulnerabilities are critical and […]
Experts at Bitdefender have discovered a spam campaign that tricks antispam filters by relying on macros in Empty Word Documents. Security experts at BitDefender observed a new tactic adopted by spammers that rely on emails with an empty Word document in the attachment to bypass anti-spam filters. The social engineering strategy adopted by spammers to lure victims into […]