Security News
Microsoft has been on the warpath against legacy Office features that are providing entry points for bad actors since 2018.
After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. [...]
In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
The TrickBot banking trojan has gotten trickier, with the addition of a Windows 10 ActiveX control to execute malicious macros in boobytrapped documents. This creates and executes the OSTAP JavaScript downloader, which acts as a dropper for the TrickBot payload, without user interaction after they click the "Enable macros" button.
Siemens this week addressed several vulnerabilities and warned customers about the security risks associated with the use of ActiveX in industrial products. ActiveX has been known to pose serious security risks and it's currently only supported by Microsoft on Internet Explorer - ActiveX is not supported by other browsers such as Chrome, Safari or Firefox.
Tens of very basic but Critical vulnerabilities were found in 10 South Korean ActiveX controls as part of a short research project, security researchers with Risk Based Security say. read more
It's like a greatest hits album of terrible security policies Stop us if you've heard this one: A Flash zero-day vulnerability is being actively targeted in the wild.…
Changes in the group's script may indicate that the hackers may start using attack vectors other than ActiveX.
Watering Hole Attacks Target South Korean Users With ActiveX Exploits read more
An ActiveX zero-day vulnerability discovered recently on the website of a South Korean think tank focused on national security has been abused by the North Korean-linked Lazarus group in attacks,...