Hancitor: fileless attack with a kernel trick

Evading detection when distributing payloads is a key part of an effective malware campaign. Hancitor shows that it has yet another trick up its sleeve for that.
Categories: Malware, Threat analysis

Tags: fileless, Hancitor, macro, malware, payloads

A Keyboard To Stomp On

Macros are useful things. They allow one to execute a series of commands with a single keypress. There exists a wide variety of hardware and software solutions to create and use macros to improve your workflow, and now [Evan] has brought the open-source ManyKey into the fray, along with a build tutorial to boot.

The tutorial acts as a great introduction to ManyKey, as [Evan] walks through the construction of a macro keyboard designed to be operated by the feet. Based around the Arduino Leonardo and using off-the-shelf footswitches commonly used in guitar effects, it’s accessible while still hinting at …

Man-in-the-Middle Jog Pendant: Two Parts Make Easier Dev Work

In a project, repetitive tasks that break the flow of development work are incredibly tiresome, and even simple automation can make a world of difference. [Simon Merrett] ran into exactly this while testing different stepper motors in a strain-wave gear project. The system that drives the motor accepts G-Code, but he got fed up with the overhead needed just to make a stepper rotate for a bit on demand. His solution? A grbl man-in-the-middle jog pendant that consists of not much more than a rotary encoder and an Arduino Nano. The unit dutifully passes through any commands received from a …

[SANS ISC] Microsoft Office VBA Macro Obfuscation via Metadata

I published the following diary on isc.sans.org: “Microsoft Office VBA Macro Obfuscation via Metadata”: Often, malicious macros make use of the same functions to infect the victim’s computer. If a macro contains these strings, it can be flagged as malicious or, at least, considered suspicious. Some examples of suspicious functions

[The post [SANS ISC] Microsoft Office VBA Macro Obfuscation via Metadata was first published on /dev/random]

MS Office’s Default Function Can Be Used to Create Self-Replicating Malware

By Waqas
Italian security researcher Lino Antonio Buono discovered a security flaw
This is a post from HackRead.com. Read the original post: MS Office’s Default Function Can Be Used to Create Self-Replicating Malware

Old MS Office feature weaponized in malspam attacks

An old Microsoft Office feature has been brought back to the forefront as a way to distribute malware without relying on macros or exploits.

Categories: Malware, Threat analysis

Tags: DDE, DDEAUTO, macro, malspam, malware, Microsoft, Office, Word

[SANS ISC] Base64 All The Things!

I published the following diary on isc.sans.org: “Base64 All The Things!”. Here is an interesting maldoc sample captured with my spam trap. The attached file is “PO# 36-14673.DOC” and has a score of 6 on VT. The file contains Open XML data that refers to an invoice…

[The post [SANS ISC] Base64 All The Things! was first published on /dev/random]

Fake Bank Of Scotland Important – Account Documents malspam delivers trickbot banking trojan

An email with the subject of Important – Account Documents, pretending to come from Bank Of Scotland but actually coming from a look-alike domain Bank of Scotland <secure@bankofscotIand.com> or Bank of Scotland <secure@bankofscotlanddocs.com>, with a malicious Word doc attachment is today’s latest spoof of a well-known company, bank or public …

Fake HSBC Important – Payment Advice delivers trickbot banking trojan

An email with the subject of Important – Payment Advice, pretending to come from HSBC but actually coming from a look-alike domain HSBC <no-reply@hsbcpaymentadvice.com> or HSBC <no-reply@hsbcadvice.com>, with a malicious Word doc attachment is today’s latest spoof of a well-known company, bank or public authority delivering the Trickbot banking Trojan. They are using …

Another fake order email with RTF attachment delivers malware

An email with the subject of Fwd: Re: Order, pretending to come from info@anashin.am, with a malicious Word doc attachment delivers malware. They are using email addresses and subjects that will scare or entice a user to read the email and open the attachment. A very high proportion are being targeted at …