Security Alerts & News
by Tymoteusz A. Góral

History
#2195 Critical Office 0day attacks detected in the wild
t McAfee, we have put significant efforts in hunting attacks such as advanced persistent threats and “zero days.” Yesterday, we observed suspicious activities from some samples. After quick but in-depth research, this morning we have confirmed these samples are exploiting a vulnerability in Microsoft Windows and Office that is not yet patched.

This blog post serves as a heads-up for our customers and all Office users to protect against this zero-day attack.

The samples we have detected are organized as Word files (more specially, RTF files with “.doc” extension name). The exploit works on all Microsoft Office versions, including the latest Office 2016 running on Windows 10. The earliest attack we have seen dates to late January.
Read more
#2203 LMAOxUS ransomware: another case of weaponized open source ransomware
#2202 Sathurbot: distributed WordPress password attack
#2201 Malvertising on iOS pushes eyebrow-raising VPN app
#2200 New malware intentionally bricks IoT devices
#2199 Cybercriminals are building an army of things creating a tipping point for cybersecurity
#2198 The top 5 dumbest cyber threats that work anyway
#2197 WikiLeaks just dropped the CIA’s secret how-to for infecting Windows
#2196 Shadow brokers publish the password for the rest the stolen NSA hacking tools
#2195 Critical Office 0day attacks detected in the wild
#2194 Payday lender Wonga confirms data breach
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12