Recently, MalwareBytes posted a story about a new macro-less technique attackers can use to booby-trap an Office document with malware. Turns out the story was based on research from the SpecterOps team from over a month ago. By leveraging a lesser known file type, an attacker can create a malicious Office document that could execute malware, and even bypass some of Windows’ latest security mechanisms. Watch the video to learn more about this technique.
Episode Runtime: 3:49
Direct YouTube Link: https://www.youtube.com/watch?v=kh2pLe0ilkU
EPISODE REFERENCES:
- New macro-less technique to distribute malware – MalwareBytes.com
- The tale of SettingsContent-ms files –Specterops.io
—Corey Nachreiner, CISSP (@SecAdept)
Leave a Reply