Hackers Turn to OpenDocument Format to Avoid AV Detection

Attackers have a new obfuscation technique that uses the OpenDocument file format for sneaking payloads past antivirus software. Past macro-based attacks have relied on malware hitching a ride with .docx, .zip, .jar and many other file formats. But researchers at Cisco Talos said that because the...

Open Document format creates twist in maldoc landscape

By Warren Mercer and Paul Rascagneres. Introduction Cisco Talos recently observed attackers changing the file formats they use in an attempt to thwart common antivirus engines. This can happen across other file formats, but today, we are showing a change of approach for an actor who has deemed...

CVE-2017-0199 OFFICE OLE2LINK the exploitability of the vulnerability details-vulnerability warning-the black bar safety net

Author: 天择实验室[email protected] Reprint please indicate the source: http://blog.jowto.com Vulnerability overview fireeye recently published a OFFICE 0day, without the need for user interaction in the case, open a word document you can by hta script to execute arbitrary code. After the study found tha...

Microsoft Windows - HTA Script Execution (MS05-016)

Microsoft Windows - HTA Script Execution MS05-016 / Changed date in db to place it on the main page instead of it being bumped off /str0ke / /++ MS05-016 POC Made By ZwelL [email protected] 2005.4.13 All information from : http://www.securityfocus.net/archive/1/395563/2005-04-10/2005-04-16/0 You nee...