Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Cyberspies Exploit Microsoft Office Using Targeted Attacks


  • Please log in to reply
No replies to this topic

#1 harrywaldron

harrywaldron

    Security Reporter


  • Members
  • 509 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Roanoke, Virginia
  • Local time:12:47 AM

Posted 25 April 2007 - 08:23 AM

These special targeted attacks are highly focused and very limited. Still, everyone in sensitive organizational settings (e.g., military, government, etc) should be cautious and look beyond traditional email approaches to safely exchange sensitive information. All users should avoid opening any untrusted attachments or URLs.

Cyberspies exploit Microsoft Office using Targeted Attacks
http://www.usatoday.com/tech/news/computer...ft-office_N.htm
http://isc.sans.org/diary.html?storyid=2688

Cyberspies have a new secret weapon: tainted Microsoft Office files. A rising number of cyberattacks are taking aim at specific individuals at critical government agencies and corporations enticing them to unwittingly open a corrupted Word, Excel or PowerPoint file sent as an e-mail attachment.

Clicking on the file relinquishes control of the PC without the user's knowledge. The attacker then uses the compromised PC as a base from which to roam the organization's internal network. Federal agencies and defense and nuclear contractors are under assault. Security firm Message Labs says it has been intercepting a series of attacks from PCs in Taiwan and China since November.

The Office file attacks are "very targeted and very limited," says Mark Miller, Microsoft's director of security response, who called on workers "to absolutely extend extreme caution" when opening Office files in e-mail.



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users