The second-most popular delivery method is CVE-2017-11882, a patched Microsoft vulnerability that allows the attacker to perform arbitrary code-execution.
The Kronos banking trojan is back. Researchers have identified four unique campaigns that use variants of the once formidable malware.
A new wave of document attacks targeting inboxes do not require enabling macros in order for adversaries to trigger an infection chain that ultimately delivers FormBook malware.
Malicious e-mail attachments used in this campaign don’t display any warnings when opened and silently install malware.
Hackers are exploiting three Microsoft Office vulnerabilities to spread the Zyklon HTTP malware .
Researchers warn of a Microsoft remote code execution bug that has persisted for 17 years in Office, leaving the OS unprotected until the vulnerability was patched Tuesday.