Threat Level: green Handler on Duty: Manuel Pelaez

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Microsoft Office Exploit

Published: 2007-04-24
Last Updated: 2007-04-24 16:18:55 UTC
by Deborah Hale (Version: 1)
0 comment(s)
On Monday in an article in USA Today the title reads “Cyberspies exploit Microsoft Office”. The article states that the CyberSpies have tainted Microsoft Office files and are emailing them to specific organizations in hopes that the unsuspecting employee will open the attachment, infect their computer thus opening a hole which the attacker can then use to explore in the infected network and look for trade secrets, military secrets, passwords, etc. MessageLabs in an interview with USA Today said that it has intercepted assaults coming from Taiwan and China since November 2006. It appears that the targets are Federal Agencies, Defense and Nuclear contractors.

In a quote from the article, our own Alan Paller at Sans Institute says:

“Assaults are coming from China and perhaps other countries in the hunt for military, trade and infrastructure intelligence, says Alan Paller, research director at The SANS Institute, a security think tank. The goal: strategic advantage over the USA. "The attacks are working," says Paller. "Penetrations are deep and broad."

For more information and to read the article:

www.usatoday.com/tech/news/computersecurity/2007-04-22-cyberspies-microsoft-office_N.htm
Keywords:
0 comment(s)
Diary Archives