Tag: microsoft-word

Microsoft Word 0-day used to push dangerous Dridex malware on millions

Enlarge / A sample e-mail from Dridex campaign exploiting Microsoft Word zero-day. (credit: Proofpoint) Booby-trapped documents exploiting a critical zero-day vulnerability in Microsoft Word have been sent to millions of people around the world in a blitz aimed at installing Dridex, currently one of the most dangerous bank fraud threats on the Internet. As Ars reported on Saturday, the vulnerability is notable because it bypasses exploit mitigations built into Windows, doesn’t require targets to enable macros, and works even against Windows 10, which is widely considered Microsoft’s most secure operating system ever. The flaw is known to affect most or all Windows versions of Word, but so far no one has ruled out that exploits might also be possible against Mac versions. Researchers from security firms McAfee and FireEye warned that the malicious Word documents are being attached to e-mails but didn’t reveal the scope or ultimate objective of the campaign. In a blog post published Monday night , researchers from Proofpoint filled in some of the missing details, saying the exploit documents were sent to millions of recipients across numerous organizations that were primarily located in Australia. Proofpoint researchers wrote: Read 2 remaining paragraphs | Comments

Continued here:
Microsoft Word 0-day used to push dangerous Dridex malware on millions

Hackers who took control of PC microphones siphon >600 GB from 70 targets

Enlarge (credit: Defense Advanced Research Projects Agency ) Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including critical infrastructure, news media, and scientific research. The operation uses malware to capture audio recordings of conversations, screen shots, documents, and passwords, according to a blog post published last week by security firm CyberX. Targets are initially infected using malicious Microsoft Word documents sent in phishing e-mails. Once compromised, infected machines upload the pilfered audio and data to Dropbox, where it’s retrieved by the attackers. The researchers have dubbed the campaign Operation BugDrop because of its use of PC microphones to bug targets and send the audio and other data to Dropbox. “Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources,” the CyberX researchers wrote. “In particular, the operation requires a massive back-end infrastructure to store, decrypt, and analyze several GB per day of unstructured data that is being captured from its targets. A large team of human analysts is also required to manually sort through captured data and process it manually and/or with Big Data-like analytics.” Read 7 remaining paragraphs | Comments

View post:
Hackers who took control of PC microphones siphon >600 GB from 70 targets

Meet Saya: the incredibly realistic computer-generated Japanese schoolgirl

Teruyuki and Yuki Ishikawa are a husband-and-wife team of freelance 3D computer graphics artists from Tokyo. Their latest creation is Saya, and she is going to be the star in the movie they are self-producing. (more…)

Read this article:
Meet Saya: the incredibly realistic computer-generated Japanese schoolgirl

Select All Text with the Same Formatting in Word (and Other Word Tips)

If you ever want to change the style of all the headings or captions in a document, bold all the italicized text, or otherwise fine-tune the formatting of your document in one swoop, Microsoft Word has a setting for that. Read more…        

Read the article:
Select All Text with the Same Formatting in Word (and Other Word Tips)