Microsoft Word – Page 10 – WindowsTechs.com

Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies

Posted on October 11, 2017 by Chris Bing

A Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear like they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity. The technical findings connect a known advanced persistent threat (APT) group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC’s domain. The messages carried malware-laden Microsoft Word documents mentioning financial disclosure information from the EDGAR system. FIN7 is believed to represent a eastern European criminal enterprise that speaks Russian and operates internationally. Emails tied to this campaign were “highly targeted” and only sent to a small, select group of U.S. businesses in several different industry sectors, including finance, insurance and information technology, said Craig Williams, a senior […]

The post Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies appeared first on Cyberscoop.

Continue reading Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies→

An (un)documented Word feature abused by attackers

Posted on September 18, 2017 by Alexander Liskin

A little while back we were investigating the malicious activities of the Freakyshelly targeted attack and came across spear phishing emails that had some interesting documents attached to them. They were in OLE2 format and contained no macros, exploits or any other active content. Continue reading An (un)documented Word feature abused by attackers→

An (un)documented Word feature abused by attackers

Posted on September 18, 2017 by Alexander Liskin

New Microsoft Word zero day used in Russian-language spyware campaign, analysts say

Posted on September 12, 2017 by Chris Bing

A well-funded spy group appears to have recently acquired a highly sophisticated zero day vulnerability and used it to deploy a remote access trojan against a Russian-speaking “entity,” according to evidence discovered by U.S. cybersecurity firm FireEye. Researchers with FireEye found the disruptive software vulnerability, which affects recent versions of Microsoft Word, in July. The trojan, known as FinSpy, is made by infamous surveillance technology firm FinFisher, a blog post by FireEye says. The Word flaw remained unpatched until Tuesday afternoon, when Microsoft issued its monthly security update. This vulnerability, labeled CVE-2017-8759, was used as recently as late August to hack into systems, FireEye analyst Ben Read told CyberScoop. Analysts originally uncovered CVE-2017-8759 while examining a highly targeted phishing email that was written in Russian. The email contained an attachment that when opened exploited a software flaw in the word processor to remotely download FinSpy from a computer server controlled by the attacker. […]

The post New Microsoft Word zero day used in Russian-language spyware campaign, analysts say appeared first on Cyberscoop.

Continue reading New Microsoft Word zero day used in Russian-language spyware campaign, analysts say→

SophosLabs analysis: why the surge in Word docs hiding ransomware?

Posted on June 20, 2017 by Bill Brenner

The bad guys are using old tricks to hide very modern nasty surprises in Word documents. We take a look at how they’re doing that Continue reading SophosLabs analysis: why the surge in Word docs hiding ransomware?→

Beware! This Microsoft PowerPoint Hack Installs Malware Without Requiring Macros

Posted on June 7, 2017 by Mohit Kumar

“Disable macros and always be extra careful when you manually enable it while opening Microsoft Office Word documents.”

You might have heard of above-mentioned security warning multiple times on the Internet as hackers usually leverage this decade old… Continue reading Beware! This Microsoft PowerPoint Hack Installs Malware Without Requiring Macros→

Wolf in sheep’s clothing: a SophosLabs investigation into delivering malware via VBA

Posted on May 31, 2017 by Bill Brenner

SophosLabs gets under the skin of the bad guys’ latest attempt to drop ransomware on to your PCs Continue reading Wolf in sheep’s clothing: a SophosLabs investigation into delivering malware via VBA→

Breach at DocuSign Led to Targeted Email Malware Campaign

Posted on May 16, 2017 by BrianKrebs

DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign. Continue reading Breach at DocuSign Led to Targeted Email Malware Campaign→

Botnet Sending 5 Million Emails Per Hour to Spread Jaff Ransomware

Posted on May 12, 2017 by Mohit Kumar

A massive malicious email campaign that stems from the Necurs botnet is spreading a new ransomware at the rate of 5 million emails per hour and hitting computers across the globe.

Dubbed “Jaff,” the new file-encrypting ransomware is very similar to th… Continue reading Botnet Sending 5 Million Emails Per Hour to Spread Jaff Ransomware→