"...the use of Word documents with macros becoming more popular in APT attacks"
Why don't they enable the apparmour profile for Word, etc?
Word up: BlackEnergy SCADA hackers change tactics
A new BlackEnergy spear-phishing campaign is targeting more Ukrainian firms, including a television channel. A spear-phishing document found by Kaspersky Lab analysts mentions the far-right Ukrainian nationalist political party "Right Sector" and appears to have been used in an attack against a popular television channel in …
-
Thursday 28th January 2016 21:00 GMT thames
Old wine in new bottles
This sounds like a pretty old fashioned computer virus. MS Word and Excel macro viruses that wiped your hard drive were all the rage back before there was money in viruses and all the miscreants wanted to do was to cause you some grief.
I can remember the days when it was common for MS Word and Excel attachments to be scanned for viruses at the mail server because they were so common. Then they started using the built-in MS Office file encryption and including the password in the email. The IT department would then simply block all MS Office attachments for a while whenever a new virus started making the rounds.
Roll forward to 2016, and the 1990s are back with their classic virus attacks.
I have to wonder though, how is the current version getting around virus scanning? Or perhaps the Ukrainians are too broke to afford anti-virus software? (Although I was under the impression that all software there was pirated anyway).
Biting the hand that feeds IT
