Good news ! Hackbusters community is waiting for you !
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at:

Iranian Cyberspies Exploit Recently Patched Office Flaw

A cyber espionage group linked to Iran has been using a recently patched Microsoft Office vulnerability to deliver malware to targeted organizations, FireEye reported on Thursday.

The threat actor, tracked as APT34 by FireEye and OilRig by other companies, has been active since at least 2014, targeting organizations in the financial, government, energy, telecoms and chemical sectors, particularly in the Middle East.

Back in April, researchers noticed that APT34 had started exploiting an Office vulnerability (CVE-2017-0199) in attacks aimed at Israeli organizations shortly after Microsoft released a patch.

The cyberspies have now also started leveraging CVE-2017-11882, an Office vulnerability patched by Microsoft on November 14. FireEye said it had spotted an attack exploiting this flaw less than a week after the fix was released.

The remote code execution vulnerability affects the Equation Editor (EQNEDT32.EXE) component of Office and it has been around for 17 years. Some...(continued)

View All Trending Stories