Blog

Vulnerability

For the past few years, we have been seeing macro-based attacks through Object Linking Embedding (OLE)/Microsoft Office files. But, presently, attackers are using a different technique to spread malware through Office files – using a new attack vector called ‘Dynamic Data Exchange (DDE)’. DDE is an authorized Microsoft Office feature that provides several methods for transferring data between applications. Once the communication protocol is established, it doesn’t require user interactions...
A new Internet vulnerability is affecting popular SSL clients across the web. Eerily named FREAK, this flaw allows malicious parties and attackers to force servers to automatically downgrade to weakened ciphers. Once this is done, the attackers can easily crack all encrypted communications of these weakened servers through advanced Man-In-The-Middle...