Security News > 2017 > November > Russian 'Fancy Bear' Hackers Using (Unpatched) Microsoft Office DDE Exploit
2017-11-09 01:07
Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/NJpDug3pK2o/apt28-office-dde-malware.html
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- Russian ISP confirms Ukrainian hackers "destroyed" its network (source)
- Treasury hackers also breached US foreign investments review office (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Microsoft: macOS bug lets hackers install malicious kernel drivers (source)