Malspam campaigns exploiting recent MS Office vulnerability ‘CVE-2017-11882’ – An Analysis by Quick Heal Security Labs

Credit to Author: Aniruddha Dolas| Date: Mon, 05 Feb 2018 10:12:34 +0000

No wonder malspam campaigns are a major medium to spread malware. Previously, we have written about such campaigns making use of MS Office malware such as malicious macros, CVE-2017-0199, CVE-2017-8759 and DDE-based attacks. Recently, we have started observing various malspam campaigns exploiting the latest MS Office vulnerability, CVE-2017-11882. Let’s take a look…

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

Credit to Author: Pradeep Kulkarni| Date: Sat, 03 Feb 2018 09:39:38 +0000

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform remote code execution on targeted machines. Adobe released security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the in-the-wild attack is targeted and impacts a limited number of Windows users…

Use TeamViewer? Fix this dangerous permissions bug with an update

Credit to Author: Malwarebytes Labs| Date: Wed, 06 Dec 2017 19:42:54 +0000

A potentially dangerous permissions bug in TeamViewer grants unauthorised access to either the client or the server—and patches may take up to a week to fully roll out.

The post Use TeamViewer? Fix this dangerous permissions bug with an update appeared first on Malwarebytes Labs.

An emerging trend of DDE based Office malware – an analysis by Quick Heal Security Labs

Credit to Author: Aniruddha Dolas| Date: Wed, 06 Dec 2017 09:27:30 +0000

For the past few years, we have been seeing macro-based attacks through Object Linking and Embedding (OLE)/Microsoft Office files. Now, however, attackers are using a different technique to spread malware through Office files: a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions…

Microsoft Office DDE zero-day: are you protected?

Credit to Author: Bill Brenner| Date: Fri, 13 Oct 2017 20:15:34 +0000

Microsoft Office DDE zero-day enables attacks without using macros.

Fake IRS notice delivers customized spying tool

Credit to Author: Jérôme Segura| Date: Thu, 21 Sep 2017 15:00:24 +0000

Threat actors leverage a Microsoft Office exploit to spy on their victims. In this blog post, we will review its delivery mechanism and analyze the malware we observed, a modified version of a commercial Remote Administration Tool (RAT).

The post Fake IRS notice delivers customized spying tool appeared first on Malwarebytes Labs.

Petya-esque ransomware is spreading across the world

Credit to Author: Malwarebytes Labs| Date: Tue, 27 Jun 2017 20:26:29 +0000

Ringing in with echoes of WannaCry, Petya (or Petrwrap, NotPetya), is a new ransomware strain outbreak affecting many users around the world.

The post Petya-esque ransomware is spreading across the world appeared first on Malwarebytes Labs.

WannaCry’s Never Say Die Attitude Keeps It Going!

Credit to Author: Pradeep Kulkarni| Date: Thu, 22 Jun 2017 07:17:59 +0000

Over the past few months, the cybersecurity world was abuzz due to the infamous WannaCry ransomware attack. The attack was launched on a massive scale. The campaign started after the disclosure of the NSA exploit leak by a hacker group called Shadow Brokers. Taking advantage of unpatched systems all over…

The post WannaCry’s Never Say Die Attitude Keeps It Going! appeared first on Quick Heal Technologies Security Blog | Latest computer security news, tips, and advice.
