Hooray 😊, I made it this week.
This week it's mostly about Microsoft and their popular product — Windows.
The most common malicious email attachments infecting Windows
Windows is arguably the most targeted operating system due to its popularity and massive user base.
In the linked article, the author shares some document templates used in spam campaigns for widespread malware infections.
Excerpt from the article:
When distributing malware, threat actors create spam campaigns that pretend to be invoices, invites, payment information, shipping information, eFaxes, voicemails, and more. Included in these emails are malicious Word and Excel attachments, or links to them, that when opened and macros are enabled, will install malware on a computer.
Microsoft and Other Tech Companies Take Down TrickBot Botnet
TrickBot is a banking Trojan that focuses on stealing banking information by luring the victim into opening infected Microsoft Office documents, and it seems Microsoft has had enough of it.
Excerpt from the article:
Since its origin as a banking Trojan in late 2016, TrickBot has evolved into a Swiss Army knife capable of pilfering sensitive information, and even dropping ransomware and post-exploitation toolkits on compromised devices, in addition to recruiting them into a family of bots.
Microsoft Releases Patches For Critical Windows TCP/IP and Other Bugs
The title says it all.
Excerpt from the article:
The flaws, 11 of which are categorized as Critical, 75 are ranked Important, and one is classified Moderate in severity, affect Windows, Office and Office Services and Web Apps, Visual Studio, Azure Functions, .NET Framework, Microsoft Dynamics, Open Source Software, Exchange Server, and the Windows Codecs Library.
Microsoft is forcibly installing Office PWAs in Windows 10
PWA stands for Progressive Web Application, and PWAs have become a trend in recent years.
Excerpt from the article:
Microsoft is performing a test where they are installing a suite of Office progressive web apps in Windows 10 without asking permission from the user.
A progressive web app, or PWA, is an application designed to be delivered via the web without installing executables on the computer.
Zoom rolls out end-to-end encryption (E2EE) next week
Zoom has been in the news for the wrong reasons over the course of the year during the COVID-19 pandemic. Things seem to be getting better for them.
Excerpt from the article:
"We’re excited to announce that starting next week, Zoom’s end-to-end encryption (E2EE) offering will be available as a technical preview, which means we’re proactively soliciting feedback from users for the first 30 days".
Microsoft Patches New Windows 'Ping of Death' Vulnerability
The title says it all.
Excerpt from the article:
One of the vulnerabilities that Microsoft addressed as part of the October 2020 Patch Tuesday is a critical bug in Windows’ TCP/IP driver that could lead to the remote execution of code.
Tracked as CVE-2020-16898, the issue is triggered when the TCP/IP stack doesn’t handle ICMPv6 Router Advertisement packets properly. An attacker could send specially crafted ICMPv6 Router Advertisement packets to a remote Windows machine to exploit the flaw and execute arbitrary code, Microsoft explains.
BleedingTooth: Vulnerabilities in Linux Bluetooth Allow Zero-Click Attacks
Yet another Bluetooth vulnerability.
Excerpt from the article:
Referred to as BleedingTooth, the issues were identified by Andy Nguyen, a security engineer from Google, and are tracked as CVE-2020-12351, CVE-2020-12352, and CVE-2020-24490. They were introduced in 2016, 2012, and 2018, respectively.
The most severe of these flaws is CVE-2020-12351, a heap-based type confusion that affects Linux kernel 4.8 and higher. The issue features a high severity rating (CVSS score of 8.3).
Thank you for reading. It means a lot to me that you've read, and I published this week after being on and off in recent weeks. Once again, thank you.
Cover photo by Jazmin Quaynor on Unsplash.
That's it for this week, I'll see you next Friday.