By Ionut Arghire on September 06, 2017
Threat actors are leveraging malicious PowerPoint files and a recently patched Microsoft Office vulnerability to target UN agencies, foreign ministries, international organizations, and entities interacting with international governments, Fortinet warns.
The attack uses a file named ADVANCED DIPLOMATIC PROTOCOL AND ETIQUETTE SUMMIT.ppsx and exploits the CVE-2017-0199 vulnerability that Microsoft addressed in April, after malicious actors had been abusing it to deliver malware such as Dridex, WingBird, Latentbot and Godzilla. The exploit has been and continues to be used in attacks even after patching.
Last month, the first PowerPoint attacks to exploit CVE-2017-0199 for malware delivery emerged, associated with the distribution of a Trojanized version of the REMCOS legitimate and customizable remote access tool (RAT).
Full Article.
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.