
Attackers Use Microsoft Office To Push BlackEnergy Malware (csoonline.com) 51

itwbennett writes: Researchers at SentinelOne reverse engineered the latest variant of the BlackEnergy 3 rootkit (the same malware used in recent attacks against Ukraine's critical infrastructure) and found indicators that suggest it is being used by insiders and that it is the byproduct of a nation-sponsored campaign. 'BlackEnergy 3 exploits an Office 2013 vulnerability that was patched some time ago, so it only works if the target machine isn't patched or an employee (either deliberately or after being tricked into it) executes the malicious Excel document,' writes CSO's Steve Ragan.
This discussion has been archived. No new comments can be posted.

  • by Billly Gates ( 198444 ) on Thursday January 28, 2016 @07:53PM (#51392635) Journal

    ... Who turn off Windows update. All I can say is told you so.

  • Now that BizX, Inc has purchased Slashdot, I would like to welcome our new overlords. If you would like to welcome them, you can by contacting the CEO at: Roger Abbott CEO 858.454.5900 ext. 10501 And the President at: Roger Sheppard President 858.454.5900 ext. 20501 As an added bonus, the new overlords are a SEO company.
  • HELLO Ukraine, don't run your critical infrastructure on a malicious Excel document. Microsoft, the company that made typing dangerous.
  • If any nation is using an imported, outdated consumer OS for its critical infrastructure something is strange.
    Open networks that face the internet, commercial OS's and older applications should be replaced with more robust solutions.

    Re "... deployed in NATO countries, and more broadly across the European Union" Would an older vulnerability that might not exist or be updated even be of interest to an advanced nation-sponsored effort?
    The penetration products offered to nations are new, fancy and work on t
  • by Anonymous Coward

    ... I no longer feel shocked by reading "microsoft" and "malware/virus" in the same sentence. When you read some news about OS X, or some FUD about Linux, and malware there is room for some banter. But with microsoft it is kind of expected. Isn't it sad that the name of a company is that linked to malware?
