Tag: office

Vawtrak trojan spread through malicious Office macros

Users easily tricked, but plenty of opportunity for the malware to be blocked. Researchers at Trend Micro report that the ‘Vawtrak’ banking trojan now also spreads through Office macros, embedded in documents that are attached to spam emails. Vawtrak rose to prominence late last year, when it broadened its scope from targeting Japanese banking users…

February 24, 2015
CVE-2012-0158 continues to be used in targeted attacks

30-month old vulnerability still a popular way to infect systems. If all you have to worry about are zero-day vulnerabilities, you have got things pretty well sorted. Although it is true that sometimes zero-days are being used to deliver malware (such as the recent use of CVE-2014-4114 by the SandWorm group), in many cases even…

October 31, 2014
Microsoft Word for Mac exploit used in targeted attacks

Tibetan NGOs targeted. Researchers at Alienvault have discovered a targeted attack against Tibetan NGOs that uses a three-year-old vulnerability in Microsoft Office for Mac . The attack exploits vulnerability MS09-027, which was discovered and subsequently patched by Microsoft in 2009. On unpatched systems, a specially crafted malicious document allows for remote code execution, giving the…

March 28, 2012