When combining exploits for added effect goes wrong

By Talos Group. Since public disclosure in April 2017, CVE-2017-0199 has been frequently used within malicious Office documents. The vulnerability allows attackers to include Ole2Link objects within RTF documents to launch remote code when HTA applications are opened and parsed by Microsoft Word. In this recent campaign, attackers combined CVE-2017-0199 exploitation with an earlier exploit, […]


4th Oberberg-Online Business Breakfast

Registration for our 4th Business Breakfast is now open. It takes place on 28.09.2017 at 09:00 at our premises. Anyone who finds VMware too expensive should attend the slot on Microsoft Hyper-V… and anyone who favors Security Made in Germany is in good hands with our partner G DATA from Bochum. We look forward to […]

WinDBG and JavaScript Analysis

By Talos Group. This blog was authored by Paul Rascagneres. Introduction: JavaScript is frequently used by malware authors to execute malicious code on Windows systems because it is powerful, natively available and rarely disabled. Our previous article on .NET analysis generated much interest relating to how to use WinDBG to analyse .js files. In this […]


Deep Dive into AMP and Threat Grid integration with Cisco Email Security

By Evgeny Mirolyubov. In our previous blog posts about AMP and Threat Grid on Cisco Email Security, we discussed the approach to email security that organizations could take to protect themselves against advanced threats. We also discussed the components of the solution and how they work together to protect customers from the […]
