10 matches found
Metasploit Weekly Wrap-Up 06/17/2025
New Modules & Adapters, and Improvements! This week’s release brings new modules, additional adapter payloads and improvements to existing modules and features. These modules target software such as ThinManager, Remote for Mac, Roundcube and more. It also includes additional work from bcoles that...
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created...
MalDoc in PDF Attack: Hackers Hiding Malicious Word Files within PDFs
By Habiba Rashid Dubbed MalDoc in PDF attack by researchers, the new attack trend utilizes PDF and Word files to spread malware. This is a post from HackRead.com Read the original post: MalDoc in PDF Attack: Hackers Hiding Malicious Word Files within PDFs...
Patch Tuesday - July 2023
Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...
Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild
Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems. The vulnerability came to light after an independent cybersecurity research team known as naosec uncovered a Word document...
Emotet Maldoc Download Page
Emotet Maldoc Download Page is web page that automatically downloads malicious Microsoft Office documents to the victim's computer. Successful execution will infect the machine with the Emotet botnet and allow the attacker to take control of the infected machine and to download additional malware...
Dridex affiliate dresses up as Scrooge
Threat actors are hoping to catch a few more victims before they leave work for the Christmas holidays. The recent malicious spam campaigns malspam we and others have observed appear to have been created by someone who wants to play Scrooge and add onto peoples already heightened state of anxiety...
LittleCorporal - A C# Automated Maldoc Generator
LittleCorporal: A C Automated Maldoc Generator C:\LittleCorporal\bin\ReleaseLittleCorporal.exe C:\beacon.bin explorer.exe . . . . | | ||/ |/ || | \ \ | | | | | \ \ \ | / / \ / / \ \ \ / \ \ \ | | | || || | | | | |\ /\ \ | / | | // | | | ||| || |/\ \ //|| | / /|| // / / / || / / \ / o\ /...
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor
A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale PoS service provider located in the U.S. The attacks, which are believed to have taken...
Analysis of LooCipher, a New Ransomware Family Observed This Year
ARCHIVED STORY Analysis of LooCipher, a New Ransomware Family Observed This Year By ATR Operational Intelligence Team · December 05, 2019 Co-authored by Marc RiveroLopez. Initial Discovery This year seems to again be the year for ransomware. Notorious attacks were made using ransomware and new...