DDE – WindowsTechs.com

[SANS ISC] Dynamic Data Exchange (DDE) is Back in the Wild?

Posted on February 19, 2021 by Xavier

I published the following diary on isc.sans.edu: “Dynamic Data Exchange (DDE) is Back in the Wild?‘”: DDE or “Dynamic Data Exchange” is a Microsoft technology for interprocess communication used in early versions of Windows and OS/2. DDE allows programs to manipulate objects provided by other programs, and respond to user actions affecting those objects. FOr a while,

The post [SANS ISC] Dynamic Data Exchange (DDE) is Back in the Wild? appeared first on /dev/random.

Continue reading [SANS ISC] Dynamic Data Exchange (DDE) is Back in the Wild?→

New Microsoft Excel Attack Vector Surfaces

Posted on June 27, 2019 by Tom Spring

Researchers have identified security hole in Microsoft Office’s Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems. Continue reading New Microsoft Excel Attack Vector Surfaces→

[SANS ISC] More Excel DDE Code Injection

Posted on September 28, 2018 by Xavier

I published the following diary on isc.sans.edu: “More Excel DDE Code Injection“: The “DDE code injection” technique is not brand new. DDE stands for “Dynamic Data Exchange”. It has already been discussed by many security researchers. Just a quick reminder for those who missed it. In Excel, it is possible to

[The post [SANS ISC] More Excel DDE Code Injection has been first published on /dev/random]

Continue reading [SANS ISC] More Excel DDE Code Injection→

In this episode of Tradecraft Security Weekly, Mike Felch talks with Beau Bullock about the possibilities of using framesets in MS Office documents to send Windows password hashes remotely across the Internet. This technique has the ability to bypass m… Continue reading Leaking Windows Creds Externally via MS Office – Tradecraft Security Weekly #21→

Microsoft Patches 20 Critical Vulnerabilities

Posted on November 14, 2017 by Tom Spring

This month, Microsoft’s Patch Tuesday updates tackle fixes for 53 security bugs in Windows, Office, Internet Explorer, Edge, ASP.NET Core, .NET Core, and its Chackra Core browser engine. Continue reading Microsoft Patches 20 Critical Vulnerabilities→

Microsoft issues advisory to users after macro-less malware attacks

Posted on November 9, 2017 by Graham Cluley

Hackers have been found exploiting a freshly-uncovered vulnerability in Microsoft’s software to install malware on business computers.
Read more in my article on the Tripwire State of Security blog.
Continue reading Microsoft issues advisory to users after macro-less malware attacks→

Microsoft issues advisory to users after macro-less malware attacks

Posted on November 9, 2017 by Graham Cluley

Hackers have been found exploiting a freshly-uncovered vulnerability in Microsoft’s software to install malware on business computers.
The post Microsoft issues advisory to users after macro-less malware attacks appeared first on The State of Security…. Continue reading Microsoft issues advisory to users after macro-less malware attacks→

Just say “No!” – how to stop the DDE email attack [VIDEO]

Posted on October 23, 2017 by Paul Ducklin

The DDE attack sounds scary – no macros, no tell-tale scripts, no attachment needed. Learn what to look for and how to stop an attack. Continue reading Just say “No!” – how to stop the DDE email attack [VIDEO]→

Category Archives: DDE

[SANS ISC] Dynamic Data Exchange (DDE) is Back in the Wild?

New Microsoft Excel Attack Vector Surfaces

[SANS ISC] More Excel DDE Code Injection

Adwind RAT Scurries By AV Software With New DDE Variant

New Dridex Variant Emerges With An FTP Twist

Leaking Windows Creds Externally via MS Office – Tradecraft Security Weekly #21

Microsoft Patches 20 Critical Vulnerabilities

Microsoft issues advisory to users after macro-less malware attacks

Microsoft issues advisory to users after macro-less malware attacks

Just say “No!” – how to stop the DDE email attack [VIDEO]