[SANS ISC] Malicious Microsoft Word Remains A Key Infection Vector

I published the following diary on isc.sans.edu: “Malicious Microsoft Word Remains A Key Infection Vector“: Despite Microsoft’s attempts to make its Office suite more secure and disable many automatic features, despite the fact that users are warned that suspicious documents should not be opened, malicious Word documents remain a key

SANS ISC

[SANS ISC] Interesting VBA Dropper

I published the following diary on isc.sans.org: “Interesting VBA Dropper“. Here is another sample that I found in my spam trap. The technique to infect the victim’s computer is interesting. I captured a mail with a malicious RTF document (SHA256: c247929d3f5c82247db9102d2dec28c27f73dc0824f8b386f92aad1a22fd8edd) that exploits the OLE2Link vulnerability (CVE-2017-0199). Once opened, the

1 2