PowerPoint Files Abused to Take Over Computers
According to Avanan, a Check Point company, attackers are using specially crafted socially engineered emails with .ppam file attachments that hide malware. The malware can rewrite Windows registry settings on targeted machines. The under-the-radar PowerPoint files are able to hide malicious executables, leading to devastating attacks for victims. Researchers stated that the malware allows an attacher to take over an end user’s computer. This is the latest stealthy way that threat actors have been targeted desktop users through trusted applications. The phishing emails are able to evade security detections and appear legitimate, according to Check Point.
On Thursday, Avanan released a report detailing the campaign and confirming that the file contains bonus commands, custom macros, and other malicious functions. The campaign was identified in January when researchers observed attackers delivering socially engineered emails including the PowerPoint file attachments with malicious intent. One of the emails observed in the campaign consisted of the attacker pretending to be sending the recipient a purchase order. Although the attached file appeared legitimate, it contained a malicious executable.
OODA Loop provides actionable intelligence, analysis, and insight on global security, technology, and business issues. Our members are global leaders, technologists, and intelligence and security professionals looking to inform their decision making process to understand and navigate global risks and opportunities.
You can chose to be an OODA Loop Subscriber or an OODA Network Member. Subscribers get access to all site content, while Members get all site content plus additional Member benefits such as participation in our Monthly meetings, exclusive OODA Unlocked Discounts, discounted training and conference attendance, job opportunities, our Weekly Research Report, and other great benefits. Join Here.
For more information please click here. Thanks!
Already a member? Sign in to your account.
Black Swans and Gray Rhinos
Now more than ever, organizations need to apply rigorous thought to business risks and opportunities. In doing so it is useful to understand the concepts embodied in the terms Black Swan and Gray Rhino. See: Potential Future Opportunities, Risks and Mitigation Strategies in the Age of Continuous Crisis
Explore OODA Research and Analysis
Use OODA Loop to improve your decision making in any competitive endeavor. Explore OODA Loop
The greatest determinant of your success will be the quality of your decisions. We examine frameworks for understanding and reducing risk while enabling opportunities. Topics include Black Swans, Gray Rhinos, Foresight, Strategy, Stratigames, Business Intelligence and Intelligent Enterprises. Leadership in the modern age is also a key topic in this domain. Explore Decision Intelligence
We track the rapidly changing world of technology with a focus on what leaders need to know to improve decision-making. The future of tech is being created now and we provide insights that enable optimized action based on the future of tech. We provide deep insights into Artificial Intelligence, Machine Learning, Cloud Computing, Quantum Computing, Security Technology, Space Technology. Explore Disruptive/Exponential Tech
Security and Resiliency
Security and resiliency topics include geopolitical and cyber risk, cyber conflict, cyber diplomacy, cybersecurity, nation state conflict, non-nation state conflict, global health, international crime, supply chain and terrorism. Explore Security and Resiliency
The OODA community includes a broad group of decision-makers, analysts, entrepreneurs, government leaders and tech creators. Interact with and learn from your peers via online monthly meetings, OODA Salons, the OODAcast, in-person conferences and an online forum. For the most sensitive discussions interact with executive leaders via a closed Wickr channel. The community also has access to a member only video library. Explore The OODA Community