Unique Office Loader Deploying Multiple Malware Families
Unit 42 analyzes unique office loader that leverages malicious macros that are used to deploy numerous malware families.
Posts tagged with: Microsoft Office
Palo Alto Networks Unit 42 Vulnerability Research December 2016 Disclosures
As part of Unit 42’s ongoing threat research, we can now disclose that Palo Alto Networks Unit 42 researchers have reported six vulnerabilities that have been fixed by Apple, Adobe and Microsoft. This includes two vulnerabilities in Apple WebKit and impacts iCloud for Windows, Safari, iTunes for Windows, tvOS and iOS. CVE-2016-7639: Tongbo Luo CVE-2016-7642:
Technical Walkthrough: Office Test Persistence Method Used In Recent Sofacy Attacks
As mentioned in our previous blog, we observed the Sofacy group using a new persistence mechanism that we call “Office Test” to load their Trojan each time the user opened Microsoft Office applications. Following the report, we received several questions regarding this persistence method, specifically how it works and which versions of Microsoft Office were
Get updates on Unit 42
Sign up to receive the latest news, cyber threat intelligence and research from Unit 42
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.
BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger
In late 2014, ESET presented an attack campaign that had been observed over a period of time targeting Russia and other Russian speaking nations, dubbed “Roaming Tiger”. The attack was found to heavily rely on RTF exploits and at the time, thought to make use of the PlugX malware family. ESET did not attribute the