Microsoft Word

Smashing Security podcast #160: SNAFUs! MS Word, Amazon Ring, and TikTok

We discuss how Microsoft Word helped trap a multi-million dollar fraudster, how Amazon Ring may be recording more than you’re comfortable with, and how teens are flocking to TikTok (and why that might be a problem).

All this and much more is covered in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

Videos and MS Office documents – ingredients for a malware attack

Security researchers say that they have uncovered a new way to serve up malware to computer users, by exploiting the way in which videos are embedded inside Microsoft Office documents.

And Microsoft has no plans to fix it.

RAT flies under the radar with exploit-laden file downloaded by decoy Word document

A malware campaign is using a decoy Word document to automatically download an exploit-laden file and install a remote administration tool (RAT) for nefarious purposes.

David Bisson reports.

Microsoft patches Word zero-day vulnerability being actively exploited in attacks

Microsoft has issued patches for 44 vulnerabilities, 13 of which are rated “critical”.

Operation BugDrop – hackers steal gigabytes of data from organisations, record conversations

Victims of the secret surveillance operation have included a manufacturer of industrial control system monitoring equipment, a human rights institution, and a scientific research institute.

David Bisson reports.

LinkedIn data used to disguise targeted malware attacks

Cunningly-crafted emails have been spammed out en masse in the Netherlands to spread banking malware… with a little help from information you may have shared in your LinkedIn profile.

Poisoned Word document attack refuses to work if it believes it is being watched

Malware attempts to avoid examination by anti-virus researchers by detecting if it is running on a virtual. machine, or if various analysis tools are in place.

David Bisson reports.

Targeted malware attack spends decade sliding under the radar

Researchers have uncovered a cybercrime operation that spent close to a decade infecting targets with dozens of previously unknown malware variants.

David Bisson reports.

Beware PowerSniff! Malware uses Word macros and PowerShell scripts

Malware appears to be hunting for point of sales systems, while actively avoiding healthcare and educational computers.

David Bisson reports.

Beware malicious invoices spammed out via email

It has been over 20 years since the first Word macro virus reared its ugly head and pulled the carpet from underneath the feet of computer users worldwide.

And to this day Word macro malware is still being spammed out.

Read more in my article on the Hot for Security blog.

What does a .locky file extension mean? It means you’ve been hit by ransomware

Ransomware with apparent links to a Dridex botnet affiliate has been spotted attempting to infect at least 450,000 computer users.

David Bisson reports.

Scanner sent you a document? Beware of malware attack

Malware attack disguises itself as an email from your workplace’s Kyocera KM-1650 printer.

Repeat after me: “Thou shalt not open dodgy-looking attachments in unsolicited emails”

Email from your photocopier? It could be a malware attack

Watch out! Criminals spam out malware attack disguised as scanned document from your photocopier.

Banking malware spreading via Microsoft Word macros

Twenty years on, you might have imagined that macro malware would have been assigned to the dustbin of history. But sadly, it’s seeing something of a resurgence.

Just previewing an Outlook email could infect your computer. Microsoft warns of zero-day flaw


Microsoft hasn’t patched against this zero-day vulnerability yet, which is actively exploited by malicious hackers.

Mac malware found in malformed Word documents – is China to blame?

Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents.

Who could possibly be interested in targeting their computers?