I published the following diary on isc.sans.org: “Microsoft Publisher Files Delivering Malware“:
Attackers are always searching for new ways to deliver malicious content to their victims. A few days ago, Microsoft Publisher malicious files were spotted by security researchers[1]. Publisher is a low-level desktop publishing application offered by Microsoft in its Office suite. They are linked to the “.pub†extension. If not very popular these days, Publisher is still installed on many computers because the default setup of Office 365 proposes it by default… [Read more]