Search This Blog

Tuesday, May 20, 2014

Miniduke still duking it out

At the end of April Microsoft announced that a vulnerability in Word was actively being exploited. This vulnerability occurred in parsing RTF files and was assigned CVE-2014-1761, a thorough analysis of which can be found on the HP Security Research blog. We have since seen multiple cases where this exploit is used to deliver malware and one was particularly interesting as it contained a new variant of MiniDuke (also known as Win32/SandyEva).



Miniduke still duking it out

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.