Once, we have the hashes in place, we need to know more about the sample. In this scenario, we will be using HASHER to calculate the hashes of the sample. In this article, we will look into a malicious word document to find out how the attackers/adversaries are trying to exploit vulnerabilities to gain access into enterprises. In case a document is trusted, the macros can be enabled by the end user. This is to ensure macros are blocked at 1st layer of defense. As adversaries have been using these documents by embedding MACROS within the document, Microsoft has taken an initiative to block all the MACROS by default in Microsoft Office. In recent years, we have observed an increase in the use of Malicious Office Documents, because employees are working on the Office Documents on daily basis and their emails include the same as well.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |