Equation Editor Archives

[SANS ISC] More Equation Editor Exploit Waves

October 12, 2018 Malware, SANS Internet Storm Center, Security Leave a comment

I published the following diary on isc.sans.edu: “More Equation Editor Exploit Waves“: This morning, I spotted another wave of malicious documents that (ab)use againÂ CVE-2017-11882Â in the Equation Editor (see myÂ yesterday’s diary). This time, malicious files are RTF files. One of the samples is SHA256:bc84bb7b07d196339c3f92933c5449e71808aa40a102774729ba6f1c152d5ee2 (VT score: 19/57)… [Read more]

[SANS ISC] New Campaign Using Old Equation Editor Vulnerability

October 11, 2018 Malware, SANS Internet Storm Center, Security Leave a comment

I published the following diary on isc.sans.edu: “New Campaign Using Old Equation Editor Vulnerability“: Yesterday, I found a phishing sample that looked interesting: From: sales@tjzxchem[.]com To: me Subject: RE: Re: Proforma Invoice INV 075 2018-19 â€™08 Reply-To: exports.sonyaceramics@gmail[.]com [Read more]