- Russian ‘Fancy Bear’ Hackers Using (Unpatched) Microsoft Office DDE Exploit
Last month, security researcher has reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the targeted device without requiring Macros enabled or memory corruption. According to the latest report, hackers actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. The attack is called as DDE Malware Attacks. DDE protocol is one of the several methods that Microsoft uses to allow two running applications to share the same data. Hackers are sending the malicious attachment the malicious attachment (with names like SabreGuard2017.docx or IsisAttackInNewYork.docx) once victim click on it, inadvertently runs malicious code on his/her computer without any restriction or detection.
Cyber Security Tips: Microsoft does not released any patch related to this attack, but users are advised f you use Microsoft Word 2016 or Microsoft Excel 2016, go to Options → Advanced, and then remove the checkmark from “Update automatic links at open” which is listed under the general group on the page and users are strongly recommended that the best way to protect yourself from such malware attacks is always to be suspicious of uninvited documents sent via emails and never click on links inside those documents unless adequately verifying the source.
- Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies
Script Kiddies are a person who uses existing computer scripts or codes to hack into computers. Script kiddies are always looking for the free hacking tools, scripts for the hacking purpose like Cobian RAT and a Facebook hacking tool. But beware hacker can be hack by hacker, Yes! According to the latest report, a security researcher has spotted another hacking tool—this time a PHP script—which is freely available on multiple popular underground hacking forums and allows anyone to find vulnerable internet-connected IP Cameras running the vulnerable version of GoAhead embedded web-server. After the analysing the scanning script, Newsky Security researcher Ankit Anubhav found that the tool also contains a secret backdoor, which essentially allows its creator to “hack the hacker. For example, if a script kiddie owns a botnet of 10,000 IoT and if he gets hacked, the entire botnet is now in control of the attacker who got control of the system of this script kiddie. Hence, by exploiting one device, he can add thousands of botnets to his army.”
Cyber Security Tips: Script kiddies are strongly recommended that beware of such free hacking tools and scripts.