Cybersecurity Starts in the Boardroom
I have written about this Microsoft Word vulnerability earlier this week: New attack using Microsoft Office documents – could you or your team recognise it? – Smart Thinking Solutions There is still not patch – but Microsoft has issued some mitigation guidance: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability …
Continue reading “Microsoft guidance for Office zero-day vulnerability – Follina”
The EnemyBot malware had added VMware and F5 critical flaws to it’s attack vectors: EnemyBot malware adds enterprise flaws to exploit arsenal • The Register The worse thing about this malware, (other than if it infects your systems), is that the “unarmed” code is available on Github.
I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file, and Microsoft Support Diagnostic Tool (MSDT) to run some malicious code, which can lead to privilege escalation attacks. …
A new malware strain known as Cheerscrypt or Cheers, is targeting a VMware enterprise virtualisation tool – VMware ESXi systems. Ransomware Cheerscrypt targets VMware ESXi systems • The Register
We all send and receive Microsoft Office documents, day in and day out, using email. It is how businesses and organisations work in a Microsoft Business World – even if you have a Mac or an iPad. So any attack vector that combine a Microsoft Word document with email is …
