SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials

SmokeLoader malware has resurfaced with enhanced capabilities and functionalities, targeting your personal data...

Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine

A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initia...

[SECURITY] [DLA 3426-3] netatalk regression update

Debian LTS Advisory DLA-3426-3 [email protected] https://www.debian.org/lts/security/ Markus Koschany August 13, 2023 https://wiki.debian.org/LTS Package : netatalk Version : 3.1.12ds-3+deb10u3 CVE ID : CVE-2022-23123 Debian Bug : 1043504 Another regression was identified in Netatalk, t...

Evil Clippy - A Cross-Platform Assistant For Creating Malicious MS Office Documents

A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code via P-Code and confuse macro analysis tools. Runs on Linux, OSX and Windows. Current features Hide VBA macros from the GUI editor VBA stomping P-code abuse Fool analyst tools Serve VBA stomp...

Microsoft Releases April 2019 Security Updates — Two Flaws Under Active Attack

Microsoft today released its April 2019 software updates to address a total of 74 CVE-listed vulnerabilities in its Windows operating systems and other products, 13 of which are rated critical and rest are rated Important in severity. April 2019 security updates address flaws in Windows OS,...

Microsoft Windows MSHTML Engine - 'Edit' Remote Code Execution

Exploit Title: Microsoft Windows CVE-2019-0541 MSHTML Engine "Edit" Remote Code Execution Vulnerability Google Dork: N/A Date: March, 13 2019 Exploit Author: Eduardo Braun Prado Vendor Homepage: http://www.microsoft.com/ Software Link: http://www.microsoft.com/ Version: Windows 7 SP1, Server 2008...

A critical bug in Microsoft left 400M accounts exposed

By Waqas A bug bounty hunter from India, Sahad Nk who works forSafetyDetective, a cybersecurity firm, has received a reward from Microsoft for uncovering and reporting a series of critical vulnerabilities in Microsoft accounts. These vulnerabilities were present on users’ Microsoft accounts from ...

Microsoft June 2018 Patch Tuesday Pushes 11 Critical Security Updates

It's time to gear up for the latest June 2018 Microsoft security patch updates. Microsoft today released security patch updates for more than 50 vulnerabilities, affecting Windows, Internet Explorer, Edge, MS Office, MS Office Exchange Server, ChakraCore, and Adobe Flash Player—11 of which are...

Carbon Black TAU Threat Analysis: Emotet Banking Trojan Leverages MS Office Word Docs, PowerShell to Deliver Malware

Emotet is a family of banking malware, which has been around since at least 2014. Attackers continue to leverage variants of Emotet and are becoming increasingly shrewd in the techniques they employ to deliver the malware onto an infected system. In the spring of 2018 Carbon Black's Threat Analys...

macro_pack - Tool Used To Automatize Obfuscation And Generation Of Ms Office Documents For Pentest, Demo, And Social Engineering Assessments

The macropack is a tool used to automatize obfuscation and generation of retro formats such as MS Office documents or VBS like format. This tool can be used for redteaming, pentests, demos, and social engineering assessments. macropack will simplify antimalware solutions bypass and automatize the...

Automatize Obfuscation and Generation of MS Office Documents: macro_pack

The macropack is a tool used to automatize obfuscation and generation of MS Office documents for pentest, demo, and social engineering assessments. The goal of macropack is to simplify antimalware solutions bypass and automatize the process from vba generation to final Office document generation...

Processing .docx and .xlsx files with Python

MS Office documents are probably one of the most inconvenient and poorly formalized data sources. It's much better to keep all the data in specialized databases or at least in wiki. But in real life, MS Office documents are in active use in nearly every organization. Simply because it is a flexib...

MS Office’ Default Function Can Be Used to Create Self-Replicating Malware

By Waqas Italian security researcher Lino Antonio Buono discovered a security flaw This is a post from HackRead.com Read the original post: MS Office’ Default Function Can Be Used to Create Self-Replicating Malware...

KLA11121 ACE vulnerability in Adobe Flash Player

A remote code execution vulnerability was found in Adobe Flash Player. This vulnerability can be exploited via a specially designed MS Office document to execute arbitrary code. Technical details To update Adobe Flash Player ActiveX detected as Flash.ocx on Windows 8 and higher, install latest...

Attackers Use Undocumented MS Office Feature to Leak System Profile Data

An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by...

Metasploit Weekly Wrapup

Ghost...what??? hdm recently provided a new exploit module for a type confusion vulnerability that exists in Ghostscript versions 9.21 and earlier, allowing remote code execution on the target. And to "kick it up a notch", this exploit got itself a snazzy logo which also contains the exploit:...

WordPress Google Doc Embedder 2.5.18 Cross Site Scripting

Title: WordPress 'Google Doc Embedder' plugin - XSS Version: 2.5.18 Author: Morten Nørtoft, Kenneth Jepsen, Mikkel Vej Date: 2015/01/26 Download: https://wordpress.org/plugins/google-document-embedder/ Contacted WordPress: 2015/01/26 ==========================================================...

OpenXchange crossite scripting

Crossite scripting on MS Office and EML documents viewing...

My PDF Creator DE DM 1.4 iOS - Multiple Vulnerabilities

My PDF Creator DE DM 1.4 iOS - Multiple Vulnerabilities Document Title: =============== My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1201 Release Date: ============= 2014-02-16 Vulnerability...

Remote File Manager 1.2 XSS / Local File Inclusion

Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: ============...