The well documented and widely contentious argument has perhaps been exhausted, but to what result? The two sides still passionately believe employee training either reduces the risk of a cyber attack or is a complete waste of company resources. The truth is there is no hard statistical evidence to strongly support security awareness training (SAT)…
Windows and its Office progeny may be approaching middle age, but like mischievous teens, they always seem to be up to something new – or, rather, the hackers that have specialized in breaking through PC defenses are always finding new things to exploit. The latest exploit is based on a little-known (until now) file format,…
“Russian hackers” have been much in the news of late, mostly for their alleged political leanings – but a new attack vector attributed to Russian hackers is wreaking havoc in businesses and on private networks around the world. Some 500,000 routers are said to be infected with VPNFilter, a malicious malware that has the capability…
In recent blog posts, we’ve discussed numerous malicious remote-code execution techniques hackers have been discovering – and capitalizing on – in Microsoft Office documents. And we’ve frankly been somewhat shocked that new vulnerabilities are apparently being discovered all the time on a platform that is decades old. But it turns out that Office users are…
Hackers never rest, and in recent weeks they have come up with a brand new scam. CVE-2018-8174, like CVE-2017-0199 which gained huge traction on April 2017, is another riff on inserting malware into malicious RTF Microsoft Office documents. Though another zero-day attack, this one contains an unusual combination of vulnerabilities that has yet to be…
The sandbox, last line of defense for many networks, isn’t what it used to be. Watch Votiro’s researcher, Amit Dori, shows how attackers can bypass sandbox security, inserting malicious code on servers without getting flagged, by taking advantage of basic rules of how VBA (Visual Basic for Applications) macros and sandboxes operate. If once a…
Next time you’re invited to a meeting, plan on being late – unless you want to give hackers access to your computer, network, or entire IT system. In the ongoing and ever-going battle against hackers, it’s come down to this; even responding to a meeting invitation can give hackers the in that they need to…
Every family has a skeleton in its closet, one that often remains hidden for a long time. But sooner or later, them bones will begin talking – and when they do, they will sing loudly, indicting the people behind their troubles, and revealing to the world their perfidy and failings. For Microsoft, the latest skeleton…
The technology will now be available for use by government, healthcare and education providers in 27 countries. Votiro, global leader in content disarm and reconstruction technology, a solution that protects organizations against undisclosed, zero-day exploits and other ongoing cyber threats, announced today that it has received the Common Criteria Certification from the Australian Signals Directorate…