Lateral Movement: Abuse the Power of DCOM Excel Application

In this post, we will talk about an interesting lateral movement technique that uses the ActivateMicrosoftApp() method within the Distributed Component Object Model (DCOM) Excel application. This technique is built upon Matt Nelson’s initial ...
VelvetSweatshop Technique Used by Attack Campaign to Deliver LimeRAT

An attack campaign leveraged the Excel VelvetSweatshop encryption technique to deliver samples of the LimeRAT malware family. According to Mimecast, those responsible for this attack campaign turned to VelvetSweatshop to enhance the ...
Mac users warned that disabling all Office macros doesn’t actually disable all Office macros

It’s been almost 25 years since macro malware first reared its head, and it would be nice to think that the defences Microsoft has built into its Office suite in the years ...
Location-aware malware targets Japanese and Korean endpoints Bromium

Location-Aware Malware Targets Japanese and Korean Endpoints

New malware samples use location awareness to specifically target Japanese and Korean endpoints. The malware uses two techniques to determine the location in which it is being executed and ensures that the ...
PowerShell is executing inside the Explorer Preview pane

Preview Pain: Malware Triggers in Outlook Preview Without User Opening Word Document

A recent malware sample forwarded to our Threat Intelligence service had some very interesting properties which we think would be useful to share. The sample itself is a Word document which is ...
Super Mario Oddity

A few days ago, I was investigating a sample piece of malware where our static analysis flagged a spreadsheet as containing a Trojan but the behavioural trace showed very little happening. This ...
SaaS Companies Are Breaking Up with Excel for Managing Cybersecurity - Here’s Why

Excel is great for pivot tables and financial modeling, but one of its greatest weaknesses is that it's one-dimensional, not collaborative, static, and frustrating for generating on-demand reports. And who really likes ...

Excel pivot table data leak leads to £120,000 fine for London council

A London council has been fined £120,000 for accidentally revealing the names of people who owned empty properties. An error that could have been avoided with a simple double-click. The post Excel ...
ISO 27001 risk assessments: The problem with using spreadsheets

An ISO 27001 risk assessment is at the core of your organisation’s information security management system (ISMS). Those new to tackling this complex step may rely on using a manual, inexpensive solution ...