Microsoft Word and Sandboxes

Today's post is a brief one on some Microsoft Word and sandbox detection / discovery / fun. Collect user name from Microsoft Office: Most sandboxes will trigger somehow or something if a tool or ...
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google ...
CISA Warns of Phishing Campaign Used to Deploy KONNI Malware

The Cybersecurity and Infrastructure Security Agency (CISA) advised users to be wary of an email attachment containing a malicious Microsoft Word document that’s used to deploy KONNI malware. Phishing is one of ...
Ursnif infection chain Bromium blog

Tricks and COMfoolery: How Ursnif Evades Detection

Ursnif is one of the main threats that is effectively evading detection right now (at publication). The dropper uses a COM technique to hide its process parentage. WMI is used to bypass ...
State Govts. Warned of Malware-Laden CD Sent Via Snail Mail from China

Here's a timely reminder that email isn't the only vector for phishing attacks: Several U.S. state and local government agencies have reported receiving strange letters via snail mail that include malware-laden compact ...
Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 million total. Now the financial institution is ...
EMC Patches Serious Flaws in Data Protection Suite

EMC has released security fixes for three vulnerabilities that, when combined, can be used to take full control of products from its Data Protection Suite: the Avamar Server, the NetWorker Virtual Edition ...
Security Boulevard
Attackers Use Undocumented Word Feature to Fingerprint Victims' Software

Attackers are taking advantage of an undocumented feature in Microsoft Word to gather information about potential victims by using seemingly harmless documents that have no active code embedded in them. The technique ...