#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

word macro attack | Breaking Cybersecurity News | The Hacker News

MS Office Built-In Feature Could be Exploited to Create Self-Replicating Malware

MS Office Built-In Feature Could be Exploited to Create Self-Replicating Malware

Nov 23, 2017
Earlier this month a cybersecurity researcher shared details of a security loophole with The Hacker News that affects all versions of Microsoft Office, allowing malicious actors to create and spread macro-based self-replicating malware. Macro-based self-replicating malware, which basically allows a macro to write more macros, is not new among hackers, but to prevent such threats, Microsoft has already introduced a security mechanism in MS Office that by default limits this functionality. Lino Antonio Buono, an Italian security researcher who works at InTheCyber , reported a simple technique (detailed below) that could allow anyone to bypass the security control put in place by Microsoft and create self-replicating malware hidden behind innocent-looking MS Word documents. What's Worse? Microsoft refused to consider this issue a security loophole when contacted by the researcher in October this year, saying it's a feature intended to work this way only—just like MS Offic
Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild

Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild

Feb 10, 2017
After targeting Windows-based computers over the past few years, hackers are now shifting their interest to Macs as well. The emergence of the first macro-based Word document attack against Apple's macOS platform is the latest example to prove this. The concept of Macros dates back to 1990s. You might be familiar with the message that reads: " Warning: This document contains macros. " Macro is a series of commands and actions that help automate some tasks. Microsoft Office programs support Macros written in Visual Basic for Applications (VBA), but they can also be used for malicious activities like installing malware. Until now, hackers were cleverly using this technique to target Windows. However, security researchers have now detected the first in-the-wild instance of hackers are making use of malicious macros in Word documents to install malware on Mac computers and steal your data – an old Windows technique. The hack tricks victims into opening infected W
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Cybersecurity Resources