Spoofed IRS notice delivers RAT through link updating trick
The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails …
MS Office
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …
Attackers turn to auto-updating links instead of macros to deliver malware
SANS ISC handler Xavier Mertens has flagged and analyzed a malicious Word file that, somehow, is made to automatically download an additional malicious RTF file, ultimately …
Microsoft fixes 25 critical issues in August Patch Tuesday
The Microsoft August 2017 Patch Tuesday update has landed and contains patches for 48 vulnerabilities, 25 of which are for critical issues. 27 of the vulnerabilities can be …
New PowerPoint malware delivery technique tested by spammers
A spam run detected by several security companies has attempted to deliver malware through an innovative technique: a link in a PowerPoint slideshow. The attack unfolds like …
MS Office zero-day is used to infect millions of users with Dridex
The still unpatched MS Office zero-day vulnerability publicized by McAfee and FireEye researchers this weekend is being exploited to deliver the infamous Dridex banking …
MS Office zero-day exploited in attacks – no enabling of macros required!
A new zero-day flaw affecting all versions of Microsoft Office is being exploited in attacks in the wild, and no user is safe – not even those who use a fully patched …
AKBuilder: A builder for exploit-laden Word documents
One doesn’t have to be a great coder to become a successful cybercriminal, as underground markets are filled with offerings that automate one or another step of an …
Post-pumpkin Patch Tuesday: What’s in store for November
There has been a lot of activity since October’s Patch Tuesday. During that short period of time, Oracle released its quarterly CPU, including an update for Java JRE; Adobe …
October Patch Tuesday: Changes, urgent updates and what’s coming next
The leaves aren’t the only things changing this October. Patch Tuesday is here and with it comes some interesting updates from big names in the software space. This month, …
