Lucene search
K

6 matches found

Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/15 11:40 p.m.597 views

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

In August, Microsoft Threat Intelligence Center MSTIC identified a small number of attacks less than 10 that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as CVE-2021-40444, as...

6.8CVSS0.96843EPSS
Exploits38
FireEye
FireEye
added 2020/11/19 12:0 a.m.383 views

Purgalicious VBA: Macro Obfuscation With VBA Purging

Malicious Office documents remain a favorite technique for every type of threat actor, from red teamers to FIN groups to APTs. In this blog post, we will discuss "VBA Purging", a technique we have increasingly observed in the wild and that was first publicly documented by Didier Stevens in Februa...

7.1AI score
Exploits0References16
Trellix
Trellix
added 2019/07/16 12:0 a.m.14 views

McAfee ATR Aids Police in Arrest of Rubella & Dryad Office Macro Builder

ARCHIVED STORY McAfee ATR Aids Police in Arrest of Rubella & Dryad Office Macro Builder By John Fokker · July 16, 2019 Everyday thousands of people receive emails with malicious attachments in their email inbox. Disguised as a missed payment or an invoice, a cybercriminal sender tries to entice a...

7.5AI score
Exploits0
Talos Blog
Talos Blog
added 2019/02/14 10:31 a.m.44 views

Beers with Talos Ep. #46 - Privacy Pwnd: ExileRAT and Collecting Bad Karma

Beers with Talos BWT Podcast Ep. 46 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing, click here. Ep. 46 show notes: Recorded Feb. 1, 2019 Today we discuss threats that bridge the gap between violating privacy and classic...

0.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/07/02 9:12 p.m.948 views

New macro-less technique to distribute malware

One of the most common and effective infection vectors, especially for businesses, is the use of malicious Office documents. This year alone, we witnessed two zero-days for both Flash and the VBScript engine, which were first actually embedded into Office documents before gaining wider adoption i...

9.3CVSS0.9AI score0.99933EPSS
Exploits29
ThreatPost
ThreatPost
added 2017/12/12 2:1 p.m.26 views

New Spider Ransomware Comes With 96-Hour Deadline

A new ransomware strain called Spider is targeting victims located in the Balkans in what is called a “mid-scale” campaign. The Spider ransomware is unique in that attackers are given a 96-hour deadline to pay. Attackers also attempt to calm victims, assuring them the ransom payment and file...

0.8AI score
Exploits0References1
Rows per page
Query Builder