CPR check point research
Check Point Research has uncovered four different Security threats with Microsoft Office. The threats are related to the MSGraph COM component in MS Office which dates back to older versions and is still in use. As such, it can be used by hackers to infiltrate a system. At the same time. Check Point updated its list of “Most Wanted” malware threats and now places Trickbot at the top of the list.
–
We have recently discovered 4 security issues applicable in most MS-Office products.
Read all the details here:https://t.co/KxPiOnCxeq
cc @sagitz_ @NetanelBenSimon— Check Point Research (@_CPResearch_) June 8, 2021
Please help us out :
Will you offer us a hand? Every gift, regardless of size, fuels our future.
Your critical contribution enables us to maintain our independence from shareholders or wealthy owners, allowing us to keep up reporting without bias. It means we can continue to make Jewish Business News available to everyone.
You can support us for as little as $1 via PayPal at [email protected].
Thank you.
Trickbot, explains Check Point, is a botnet and banking Trojan that can steal financial details, account credentials, and personally identifiable information, as well as spread within a network and drop ransomware, particularly Ryuk. It is constantly being updated with new capabilities, features and distribution vectors, which enables it to be a flexible and customizable malware that can be distributed as part of multi-purpose campaigns. According to Check Point, Trickbot gained popularity after the takedown of the Emotet botnet in January, and made fresh headlines this week as the US Justice Department charged a Latvian woman for her role in creating and deploying the Trickbot malware.
“There have been a lot of talks about the recent increase in ransomware attacks, but we are actually seeing a huge surge in the number of cyberattacks in general. It is a significant and troubling trend,” said Maya Horowitz, Director, Threat Intelligence & Research, Products at Check Point. “It’s reassuring to see that charges have been filed in the fight against Trickbot, this month’s most prevalent malware, but clearly there is still a long way to go. Organizations need to be aware of the risks and ensure adequate solutions are in place, but also remember that attacks cannot only be detected, they can also be prevented, including zero-day attacks and unknown malware. With the right technologies in place, the majority of attacks, even the most advanced ones can be prevented without disrupting the normal business flow.”
CPR check point research
As for MS Office, Cheek Point explains that the security opening can be used to access all of the MS Office programs. The company says that it managed to find several vulnerabilities that affect multiple products in this ecosystem. The results of this research were a set of files that could be embedded in different ways to potentially exploit different Office products across multiple platforms. The company says that Microsoft was informed of the threats and has come up with a patch to solve the problem.
