Microsoft Office 365 / ProPlus 16.0.11929.202.88 Remote Code Execution Vulnerability

Exploit Title: Microsoft Office365 Remote Code Execution Vulnerability Date: 2/11/19 Exploit Author: Social Engineering Neo - @EngineeringNeo Vendor Homepage: https://microsoft.com Software Link: https://office.com Version: Office365/ProPlus build 16.0.11727.20222, 16.0.11901.20170,...

Microsoft Office365 / ProPlus 16.0.11901.20204 Code Execution / Protection Bypass Vulnerability

Exploit Title: Microsoft Office Code Execution/Protection Bypass Exploit Author: Social Engineering Neo - @EngineeringNeo Software Link: https://products.office.com/en-nz/compare-all-microsoft-office-products Version: Office365/ProPlus - build 16.0.11901.20204 Tested on: Windows - build 18362.295...

Microsoft Office365 / ProPlus 16.0.11901.20204 Code Execution / Protection Bypass

Exploit Title: Microsoft Office Code Execution/Protection Bypass Exploit Author: Social Engineering Neo - @EngineeringNeo Software Link: https://products.office.com/en-nz/compare-all-microsoft-office-products Version: Office365/ProPlus - build 16.0.11901.20204 Tested on: Windows - build 18362.295...

PowerWare Ransomware Masquerades as Locky to Intimidate Victims

A new variant of the PowerWare ransomware is stealing street creds from the Locky strain of ransomware in an attempt to spoof the malware family. A new sample of PowerWare found by Palo Alto Networks’ Unit 42 reveals the ransomware’s quickly evolving tactics. According to researchers, a new versi...

Targeted Attacks against Banks in the Middle East

Introduction In the first week of May 2016, FireEye’s DTI identified a wave of emails containing malicious attachments being sent to multiple banks in the Middle East region. The threat actors appear to be performing initial reconnaissance against would-be targets, and the attacks caught our...

Targeted Attacks against Banks in the Middle East

UPDATE Dec. 8, 2017: We now attribute this campaign to APT34, a suspected Iranian cyber espionage threat group that we believe has been active since at least 2014. Learn more about APT34 and their late 2017 targeting of a government organization in the Middle East. Introduction In the first week ...

Microsoft Reports Massive Increase in Macros Enabled Threats

The Microsoft Malware Protection Center says there has been a dramatic increase in threats using macros to spread malware via spam and social engineering over the last month. Macros are used for automating frequently used tasks in Office. Macro-related infections were constant and near zero daily...