[SANS ISC] Malicious PowerPoint Add-On: “Small Is Beautiful”

I published the following diary on isc.sans.edu: “Malicious PowerPoint Add-On: ‘Small Is Beautiful’”: Yesterday I spotted a DHL-branded phishing campaign that used a PowerPoint file to compromise the victim. The malicious attachment is a PowerPoint add-in. This technique is not new, I already analyzed such a sample in a previous

The post [SANS ISC] Malicious PowerPoint Add-On: “Small Is Beautiful” appeared first on /dev/random.

[SANS ISC] Spotting the Red Team on VirusTotal!

I published the following diary on isc.sans.edu: “Spotting the Red Team on VirusTotal!”: Many security researchers like to use the VirusTotal platform. The provided services are amazing: You can immediately have a clear overview of the dangerousness level of a file but… VirusTotal remains a cloud service. It means that, once you uploaded a

The post [SANS ISC] Spotting the Red Team on VirusTotal! appeared first on /dev/random.

[SANS ISC] VBA Macro Trying to Alter the Application Menus

I published the following diary on isc.sans.edu: “VBA Macro Trying to Alter the Application Menus”: Who remembers the worm Melissa? It started to spread in March 1999! In information security, it looks like speaking about prehistory but I spotted a VBA macro that tried to use the same defensive technique

The post [SANS ISC] VBA Macro Trying to Alter the Application Menus appeared first on /dev/random.

[SANS ISC] New Example of XSL Script Processing aka “Mitre T1220”

I published the following diary on isc.sans.edu: “New Example of XSL Script Processing aka ‘Mitre T1220’”: Last week, Brad posted a diary about TA551. A few days later, one of our readers submitted another sample belonging to the same campaign. Brad had a look at the traffic so I decided

The post [SANS ISC] New Example of XSL Script Processing aka “Mitre T1220” appeared first on /dev/random.

Adaptive Macro-Pad Uses Tiny OLED Screens as Keycaps

When we first laid eyes on Keybon, the adaptive macro keyboard, we sort of wondered what the big deal was. It honestly looked like any other USB macro keyboard, with big icons for various common tasks on the chunky keys. But looks can be deceiving, and [Max.K] worked a couple …

Micro Macro Keyboard is ‘Mega-Based

There’s a certain kind of joy that comes in throwing something together from spare parts, or from finding utility in a proof of concept for another project. [Clewsy] is cooking up something clacky and built this baby keeb to prove some stuff out, such as reading a key matrix. Now …

[SANS ISC] How Attackers Brush Up Their Malicious Scripts

I published the following diary on isc.sans.edu: “How Attackers Brush Up Their Malicious Scripts”: On Friday, I received a bunch of alerts from one of my YARA hunting rules. Several samples were submitted from the same account (through the VT API), from the same country (US), and in a very

The post [SANS ISC] How Attackers Brush Up Their Malicious Scripts appeared first on /dev/random.

Close-up Photographer of the Year celebrates dramatic detail

The winners and finalists of the 2020 Close-up Photographer of the Year have been announced, with the top honors going to Galice Hoarau for an electrifying image of an eel larva snapped during a blackwater dive. The rest of the list highlights the seld…