Tag: FireEye

China ‘hacked’ South Korea to wreck Star Wars missile shield

FireEye fingers Middle Kingdom infiltration teams

Well-connected security biz FireEye is claiming Chinese hackers are trying to break into South Korea's military to halt the deployment of an anti-ballistic weapons system in the country.…

Researchers claim China trying to hack South Korea missile defense efforts

Deployment of THAAD upsets China, seen as espionage tool.

Criminals, Intelligence Agents Shared Zero-Day Microsoft Word Flaw

The same exploit using a zero-day security flaw patched by Microsoft this week was used to spread malicious software used by cyber-criminals and cyber-spies, according to FireEye.

Microsoft Word 0-day was actively exploited by strange bedfellows

Same exploit used by malware crooks and nation-sponsored hackers targeting Russians.

Microsoft Word exploit linked to cyberspying in Ukraine conflict

A previously unknown Microsoft Office vulnerability was recently used to deliver spyware to Russian-speaking targets, in a possible case of cyberespionage. Security firm FireEye noticed the intrusion attempt, which taps a critical software flaw that hackers are using to craft malicious Microsoft Word documents. On Wednesday, FireEye said it uncovered one attack that weaponized a Russian military training manual. Once opened, the malicious document will deliver FinSpy, a surveillance software that’s been marketed to governments.

Critical Word 0-day is only 1 of 3 Microsoft bugs under...

In-the-wild exploits bring additional urgency to this month's update routine.

Unraveling the Lamberts Toolkit

The Lamberts is a family of sophisticated attack tools that has been used by one or multiple threat actors against high-profile victims since at least 2008.

The arsenal includes network-driven backdoors, several generations of modular backdoors, harvesting tools, and wipers.

Microsoft Word 0day used to push dangerous Dridex malware on millions

Blast could give a boost to Dridex, one of the Internet's worst bank-fraud threats.

Microsoft Set to Patch New Zero-Day Office Vulnerability

McAfee and FireEye both report a previously undisclosed vulnerability in Microsoft Office that is being actively exploited by attackers.

VU#921560: Microsoft OLE URL Moniker improperly handles remotely-linked HTA data

Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type, which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system.

Word zero-day affects all versions of Office and Windows

Somebody at McAfee jumped the gun. Last Friday night McAfee disclosed the inner workings of a particularly pernicious rigged Word document attack — a zero-day involving a linked HTA file. On Saturday FireEye — citing a “recent public disclosure by another company” — gave more details, and revealed that it had been working on the problem with Microsoft for several weeks. It looks like McAfee’s public disclosure forced FireEye’s hand prior to Microsoft’s anticipated fix tomorrow.

The exploit appears in a Word doc attached to an email message. When you open the doc (an RTF file with a .doc name extension), it has an embedded link that retrieves an HTA file. (An HTML application is usually wrapped around a VBScript or JScript program.)

OLE-y hell. Bug in MSFT Word allows total PC p0wnage

FireEye, McAfee, disclose over the weekend. Will Microsoft squash it on Patch Tuesday? All eyes will be on Microsoft's April patch run - due tomorrow - to see whether Redmond gets ahead of a nasty Word zero-day that popped up last week.…