Excel users need to be on guard as a newly discovered phishing campaign is targeting Microsoft's spreadsheet application.
This campaign distributes a new fileless malware version of a dangerous remote access Trojan that is being distributed through a Microsoft 365 (formerly Microsoft Office) vulnerability - and is now being actively exploited.
Hackers are targeting Excel to spread dangerous malware
Always on the front lines, Fortinent's Fortiguard Labs has uncovered a phishing campaign targeting Excel users.
The attack uses a phishing email lure disguised as a shipping order with a malicious Microsoft Excel spreadsheet attached. Once downloaded and opened, the spreadsheet exploits a remote code execution vulnerability (CVE-2017-0199) to download the HTML application.
Once downloaded, the HTML application executes and attempts to download another file – the actual Remcos malware. Remcos is a well-known remote access Trojan that can give attackers a direct line into an infected computer. It is one of many dangerous malware types that can be purchased in neat packages on underground hacker forums.
This time, however, researcher Xiaopeng Zhang found a fileless variant of the Remcos RAT that works with the infected system's memory, allowing it to evade detection by anti-malware tools. It also adds a specific autorun system registry to "maintain persistence and control over the victim's device across reboots"—another example of persistent malware.
Remcos RAT operators can use keyloggers and screen recorders to collect private information, audio, and other data. The stolen data is then encrypted and sent back to the operator, where it can be exploited.
Keep Microsoft 365 and your computer up to date to stay safe!
Unfortunately, the research does not indicate specific versions of Microsoft Excel affected by this vulnerability. Although the CVE-2017-0199 note does list older versions of Excel and Office under “Known Affected Software Configurations,” that section has not been updated since the phishing campaign was discovered.
So when in doubt, keep Microsoft 365 and your operating system up to date. If possible, upgrade to the latest version of Microsoft 365 for maximum security.
You may wonder why Task Manager is disabled? But don't worry! The following article will guide you through the best solutions to fix Task Manager when it is not working.
Thousands of tourists lose their phones every year. Here's what you need to do immediately after your phone is stolen.
The A18 Pro will serve as the successor to the A17 Pro, and is expected to power the iPhone 16 Pro and iPhone 16 Pro Max lineup.
The YouTube app provides several options for users to enable mobile data saver mode and you can use those options to reduce data consumption while watching videos.
Lithium batteries used in everyday devices and renewable energy storage can release more chemicals into the environment, exacerbating soil and water pollution problems.
The video shows a Komodo dragon with a terrifying bite force breaking a turtle's shell and swallowing the animal in seconds.
On September 14, NASA shared the most detailed image of the surface of Mars ever, along with a video that gives us a new and clearest panoramic view of the surface of the red planet.
To write special characters in Free Fire in the easiest way, follow the instructions in this article.
Enter the Slayers Unleashed code and get in-game rewards. In addition to Roblox games, mobile games like Sausage Man, Legendary Treasures... are also among the games that receive codes.
Writing on photos is a much better way to convey messages and express love than regular photos, which do not allow text to be inserted into the photo. Usually, photo editing applications on phones provide the feature of writing on photos with many unique fonts and styles.
Whether you're nostalgic or not, the iconic Snake game that came pre-installed on old Nokia phones is hard to forget. It still exists in countless versions today, including one from Spotify.
Some people decide to go with the default Internet browser that Samsung provides on Galaxy devices. It's simple, customizable, private, and packed with useful features.
Along with ChatGPT, this tutorial will show you how the Bulk Create app works in Canva. You'll be amazed at how you can create a month's worth of content in just a few minutes.
Can AI compete with traditional design tools? And when is the best time to use them?
Which status of jealousy and envy makes you feel the most? The article will summarize for you the best status of jealousy and envy on the Internet.
