As if 2020 wasn’t bad enough already, it seems that phishing is back in fashion. We often do specialist IT recruitment work to find security experts for our clients, and this is one of the reasons why. But no matter how much security expertise you get in (or how many specialist IT recruitment companies you engage), human error is most often the main cause of a system breach, and email is the most common delivery system for malicious software.
This is from an article by Techradar.
Hackers have revived a decade-old Microsoft Office exploit – and they’re having a field day
Hackers have ramped up attempts to abuse a decade-old Microsoft Office flaw with the help of creative new email scams, new research has found.
If exploited successfully, the memory corruption bug could allow attackers to execute code on the target device remotely. This is especially problematic if the affected user account has administrative privileges, in which scenario the hacker could seize control of the system.
Once inside, a malicious actor could install programs at will, access and delete data, and create new accounts with full access rights.
Microsoft Office vulnerability
According to the Microsoft Security listing, to abuse the vulnerability hackers must trick targets into opening a specially crafted file containing an infected copy of Microsoft Office or Microsoft WordPad.
The most common and effective means of distributing these infected files is via email phishing campaigns, many of which are highly convincing and manipulative.
So it seems that you can’t trust anyone these days, not even hackers! Common-sense advice is to be careful when opening attachments of any kind, especially from someone you don’t know. Irregular spellings, unusual-looking email addresses, and non-standard filetypes are warning signs.
If you feel you’re your systems may be vulnerable and you may need specialist IT recruitment help, feel free to give us a call.
For the full original article, click here: Original article.