Awareness of the variations of phishing email attacks is a big step in defending against them – that I why I always try and post about any in depth analysis of phishing emails and their payloads that SANS Internet Storm Centre runs. HTML phishing attachments – now with anti-analysis features …
IBM 726 dual tape drive. A Platinum Jubilee Fact.
There was a time, in TV and movie history, when if you needed to show a really powerful computer, then it needed lots of big cabinets with big spinning tapes – for example have a look at the image above from the 1964 film Dr Strangelove or the example below …
Continue reading “IBM 726 dual tape drive. A Platinum Jubilee Fact.”
Microsoft guidance for Office zero-day vulnerability – Follina
I have written about this Microsoft Word vulnerability earlier this week: New attack using Microsoft Office documents – could you or your team recognise it? – Smart Thinking Solutions There is still not patch – but Microsoft has issued some mitigation guidance: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability …
Continue reading “Microsoft guidance for Office zero-day vulnerability – Follina”
Zero-day threat using Microsoft Office documents – even if macros are disabled – it’s called Follina
I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file, and Microsoft Support Diagnostic Tool (MSDT) to run some malicious code, which can lead to privilege escalation attacks. …
New attack using Microsoft Office documents – could you or your team recognise it?
We all send and receive Microsoft Office documents, day in and day out, using email. It is how businesses and organisations work in a Microsoft Business World – even if you have a Mac or an iPad. So any attack vector that combine a Microsoft Word document with email is …