New Microsoft Word zero day used in Russian-language spyware campaign, analysts say
A well-funded spy group appears to have recently acquired a highly sophisticated zero day vulnerability and used it to deploy a remote access trojan against a Russian-speaking “entity,” according to evidence discovered by U.S. cybersecurity firm FireEye. Researchers with FireEye found the disruptive software vulnerability, which affects recent versions of Microsoft Word, in July. The trojan, known as FinSpy, is made by infamous surveillance technology firm FinFisher, a blog post by FireEye says. The Word flaw remained unpatched until Tuesday afternoon, when Microsoft issued its monthly security update. This vulnerability, labeled CVE-2017-8759, was used as recently as late August to hack into systems, FireEye analyst Ben Read told CyberScoop. Analysts originally uncovered CVE-2017-8759 while examining a highly targeted phishing email that was written in Russian. The email contained an attachment that when opened exploited a software flaw in the word processor to remotely download FinSpy from a computer server controlled by the attacker. […]
The post New Microsoft Word zero day used in Russian-language spyware campaign, analysts say appeared first on Cyberscoop.
Continue reading New Microsoft Word zero day used in Russian-language spyware campaign, analysts say