Decoy Microsoft Word Documents Used to Deliver Nim-Based Malware

A new phishing campaign is leveraging decoy Microsoft Word documents as bait to deliver a backdoor written in the Nim programming language. "Malware written in uncommon programming languages puts the security community at a disadvantage as researchers and reverse engineers' unfamiliarity can hamp...

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw...

Threat Source newsletter for April 30, 2020

Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. Our newest research post focuses on the Aggah campaign. Threat actors are pushing Aggah to victims via malicious Microsoft Word document...

Arbitrary Code Execution

OpenOffice.org is vulnerable to arbitrary code execution. An integer underflow flaw and a boundary error flaw, both possibly leading to a heap-based buffer overflow, were found in the way OpenOffice.org parsed certain records in Microsoft Word documents. An attacker could create a specially-craft...

IcedID Banking Trojan Teams up with Ursnif/Dreambot for Distribution

Update: 4/11 we have corrected the detection to Ursnif/Dreambot This post was authored by Ross Gibb with research contributions from Daphne Galme, and Michael Gorelik of Morphisec, a Cisco Security Technical Alliance partner. Cisco has noticed an increase in infections by the banking trojan IcedI...

SANNY Malware Delivery Method Updated in Recently Observed Attacks

Introduction In the third week of March 2018, through FireEye’s Dynamic Threat Intelligence, FireEye discovered malicious macro-based Microsoft Word documents distributing SANNY malware to multiple governments worldwide. Each malicious document lure was crafted in regard to relevant regional...

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power...

Debian Security Advisory DSA 3394-1 (libreoffice - security update)

Multiple vulnerabilities have been discovered in LibreOffice, a full-featured office productivity: CVE-2015-4551Federico Scrinzi discovered an information leak in the handling of ODF documents. Quoting from https://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/ : The LinkUpdateMo...

DSA-3394-1 libreoffice - security update

Bulletin has no description...

Scientific Linux Security Update : openoffice.org on SL3.x i386/x86_64

CVE-2009-2950 openoffice.org: GIF file parsing heap overflow CVE-2009-2949 openoffice.org: integer overflow in XPM processing CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption An integer overflow flaw, leading to a...

Scientific Linux Security Update : openoffice.org on SL5.x i386/x86_64

CVE-2009-2950 openoffice.org: GIF file parsing heap overflow CVE-2009-2949 openoffice.org: integer overflow in XPM processing CVE-2009-3301 OpenOffice.org Word sprmTDefTable Memory Corruption CVE-2009-3302 OpenOffice.org Word sprmTSetBrc Memory Corruption An integer overflow flaw, leading to a...

CentOS Update for openoffice.org CESA-2009:1426 centos3 i386

Check for the Version of openoffice.org OpenVAS Vulnerability Test CentOS Update for openoffice.org CESA-2009:1426 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

CentOS Update for openoffice.org CESA-2009:1426 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for openoffice.org-base CESA-2010:0101 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for openoffice.org RHSA-2010:0101-02

Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2010:0101-02 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

RedHat Update for openoffice.org RHSA-2010:0101-02

Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2010:0101-02 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

CentOS Update for openoffice.org CESA-2010:0101 centos3 i386

Check for the Version of openoffice.org OpenVAS Vulnerability Test CentOS Update for openoffice.org CESA-2010:0101 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

RHEL 3 / 4 / 5 : openoffice.org (RHSA-2010:0101)

Updated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes...

Important: Red Hat Security Advisory: openoffice.org security update

Updated openoffice.org packages that correct multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes...

PowerCHM 5.7 - hhp Local Buffer Overflow

PowerCHM 5.7 - hhp Local Buffer Overflow !/usr/bin/perl Title: PowerCHM 5.7 hhp Local Buffer Overflow Exploit Summary: With PowerCHM you can create your CHM files automatically from Html Files including .htm, .html and .mht, Text Files .txt, Microsoft Word Documents .doc and Adobe Acrobat Documen...