Top

Tag: office


Cyber-crime, Malware

Escanor malware delivered in weaponized Microsoft Office documents

August 22, 2022

Via: Help Net Security

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram called Escanor. The threat actors offer Android-based and PC-based versions of RAT, along with HVNC module and […]


Privacy protection

Microsoft covertly collects personal data from enterprise Office ProPlus users

November 15, 2018

Via: CSO Online

Privacy Company released the results of a data protection impact assessment showing privacy risks in the enterprise version of Microsoft Office. Regarding the “large scale and covert collection of personal data” of Microsoft Office ProPlus (Office 2016 MSI and Office […]


Malware, Virus & Malware, Vulnerabilities

Zyklon Malware Delivered via Recent Office Flaws

January 18, 2018

Via: Security Week

A piece of malware known as Zyklon has been delivered by cybercriminals using some relatively new vulnerabilities in Microsoft Office, FireEye reported on Wednesday. Zyklon has been around since early 2016 and it allows attackers to conduct a wide range […]


Network security

Proposed Legislation Would Create Office of Cybersecurity at FTC

January 12, 2018

Via: Security Week

Two Democratic senators, Elizabeth Warren, D-Mass., and Mark Warner, D-Va, introduced a bill Wednesday that would provide the Federal Trade Commission (FTC) with punitive powers over the credit reporting industry — primarily Equifax, Credit Union and Experian — for poor […]


Hacker, Threats & Malware, Vulnerabilities

Microsoft Word slams the door on DDEAUTO malware attacks

December 19, 2017

Via: Naked Security

Remember the DDEAUTO vulnerability? DDEAUTO, short for automatic dynamic data exchange, is a command you can put right inside the data of an Office file to get it to pull data out of another file. According to Microsoft’s official documentation, […]


Network security

State Dept insists cyber a priority despite office closure

December 5, 2017

Via: The Hill

A State Department official defended the decision to close an office dedicated to cyber diplomacy, saying it reflects an effort to integrate cyber and digital economy policymaking efforts. Secretary of State Rex Tillerson notified Congress in August of the department’s […]


Malware

Legacy Office Feature Used In Novel Document Attacks

October 13, 2017

Via: Threat Post

Recent document-based attacks have leveraged malicious macros that if enabled install malware. But, researchers at SensePost have developed a proof-of-concept attack that does not require macros and instead uses an old Microsoft Office feature called Dynamic Data Exchange to execute […]


Vulnerabilities

Microsoft Patches Critical Flaws in Windows, Internet Explorer

October 14, 2015

Via: vulnerabilities

The six security bulletins released by #microsoft for #october 2015 address more than 30 #vulnerabilities affecting Windows, Internet Explorer, #edge, and #office. One of the bulletins rated critical is MS15-106, which resolves a total of 14 vulnerabilities in Internet Explorer. […]


Vulnerabilities

Federal personnel files still very vulnerable and ‘prime targets’ for hackers, audit finds

July 16, 2015

Via: vulnerabilities

An audit due out Friday found 3,000 “critical” and “high-risk” vulnerabilities in three key bureaus at the Interior Department, the agency hosting the hacked personnel files of 4.2 million federal employees. The weak spots, discovered through testing by the Interior […]