Microsoft Word

Videos and MS Office documents – ingredients for a malware attack

Security researchers say that they have uncovered a new way to serve up malware to computer users, by exploiting the way in which videos are embedded inside Microsoft Office documents.

And Microsoft has no plans to fix it.

1 min read

RAT flies under the radar with exploit-laden file downloaded by decoy Word document

A malware campaign is using a decoy Word document to automatically download an exploit-laden file and install a remote administration tool (RAT) for nefarious purposes.

David Bisson reports.

1 min read

Microsoft patches Word zero-day vulnerability being actively exploited in attacks

Microsoft has issued patches for 44 vulnerabilities, 13 of which are rated “critical”.

1 min read

Operation BugDrop – hackers steal gigabytes of data from organisations, record conversations

Victims of the secret surveillance operation have included a manufacturer of industrial control system monitoring equipment, a human rights institution, and a scientific research institute.

David Bisson reports.

1 min read

LinkedIn data used to disguise targeted malware attacks

Cunningly-crafted emails have been spammed out en masse in the Netherlands to spread banking malware… with a little help from information you may have shared in your LinkedIn profile.

1 min read

Poisoned Word document attack refuses to work if it believes it is being watched

Malware attempts to avoid examination by anti-virus researchers by detecting if it is running on a virtual. machine, or if various analysis tools are in place.

David Bisson reports.

1 min read

Targeted malware attack spends decade sliding under the radar

Researchers have uncovered a cybercrime operation that spent close to a decade infecting targets with dozens of previously unknown malware variants.

David Bisson reports.

1 min read

Beware PowerSniff! Malware uses Word macros and PowerShell scripts

Malware appears to be hunting for point of sales systems, while actively avoiding healthcare and educational computers.

David Bisson reports.

1 min read

Beware malicious invoices spammed out via email

It has been over 20 years since the first Word macro virus reared its ugly head and pulled the carpet from underneath the feet of computer users worldwide.

And to this day Word macro malware is still being spammed out.

Read more in my article on the Hot for Security blog.

0 sec read

What does a .locky file extension mean? It means you’ve been hit by ransomware

Ransomware with apparent links to a Dridex botnet affiliate has been spotted attempting to infect at least 450,000 computer users.

David Bisson reports.

2 min read

Scanner sent you a document? Beware of malware attack

Malware attack disguises itself as an email from your workplace’s Kyocera KM-1650 printer.

Repeat after me: “Thou shalt not open dodgy-looking attachments in unsolicited emails”

1 min read

Email from your photocopier? It could be a malware attack

Watch out! Criminals spam out malware attack disguised as scanned document from your photocopier.

1 min read

Banking malware spreading via Microsoft Word macros

Twenty years on, you might have imagined that macro malware would have been assigned to the dustbin of history. But sadly, it’s seeing something of a resurgence.

1 min read

Just previewing an Outlook email could infect your computer. Microsoft warns of zero-day flaw


Microsoft hasn’t patched against this zero-day vulnerability yet, which is actively exploited by malicious hackers.

1 min read

Mac malware found in malformed Word documents – is China to blame?

Minority groups in China appear to have been targeted by a Mac malware attack, delivered via boobytrapped Word documents.

Who could possibly be interested in targeting their computers?

8 sec read

What the RTF? Mac and Windows users at risk from boobytrapped documents

Think that Patch Tuesday is irrelevant to if you don’t run Windows?

Think again. Mac users advised to update their installations of Microsoft Office.

6 sec read