securityXspace: a blog about cyber-philosophy.
-
New Microsoft Excel Attack Vector Surfaces
Researchers have identified a security hole in Microsoft Office’s Excel spreadsheet program that allows an attacker to trigger a malware attack on remote systems. Source: New Microsoft Excel Attack Vector Surfaces
-
Every Excel user vulnerable by default as new flaw found
A weakness has been found in the Excel software that allows hackers to drop and execute malware, making every user vulnerable. Source: Every Excel user vulnerable by default as new flaw found
-
Chrome OS 75 Adds More Mitigations for Intel MDS Flaws
Chrome OS version 75, which Google released on Wednesday in the stable channel, adds more mitigations for recently disclosed Microarchitectural Data Sampling (MDS) vulnerabilities affecting most Intel processors made in the last decade. Source: Chrome OS 75 Adds More Mitigations for Intel MDS Flaws
-
Exclusive: German Police Raid OmniRAT Developer and Seize Digital Assets
The German police yesterday raided the house of the developer of OmniRAT and seized his laptop, computer and mobile phones, probably as part of an investigation into a recent cyber attack, a source told The Hacker News. OmniRAT made headlines in November 2015 when its developer launched it as a legitimate remote administration tool for…
-
AMD Secure Encrypted Virtualisation (SEV) Firmware Patched
AMD Release Firmware Patch for SEV: AMD have released a firmware patch for Secure Encrypted Virtualisation (SEV), which provides hardware-accelerated memory encryption for data-in-use protection. AMD, partnering with industry researchers, discovered encryption keys could be compromised by manipulating the encryption technology’s behaviour. Attackers must have local access to the management interfaces of SEV with…
-
GreenFlash Sundown exploit kit expands via large malvertising campaign
Exploit kit activity has been relatively quiet for some time, with the occasional malvertising campaign reminding us that drive-by downloads are still a threat. However, during the past few days we noticed a spike in our telemetry for what appeared to be a new exploit kit. Source: GreenFlash Sundown exploit kit expands via large malvertising…
-
The deep-dive into how Verizon and a BGP Optimizer Knocked Large Parts of the Internet Offline Monday
A recap on what happened Monday: On Monday we wrote about a painful Internet-wide route leak. We wrote that this should never have happened because Verizon should never have forwarded those routes to the rest of the Internet. That blog entry came out around 19:58 UTC, just over seven hours after the route leak…
-
Threat actors are doing their homework, researchers identify new impersonation techniques
There is an increase in three main areas: spoofed phishing attempts, HTTPS encryption in URL-based attacks, and cloud-based attacks focused on publicly hosted, trusted file-sharing services, FireEye found, after analyzing a sample set of 1.3 billion emails. Source: Threat actors are doing their homework, researchers identify new impersonation techniques
-
New attack spreads LokiBot & NanoCore malware in ISO image files
By Waqas. Both NanoCore and LokiBot are info-stealing Trojans. Security researchers at the San Francisco-based firm Netskope have discovered a new malware campaign distributing the info-stealer malware LokiBot and NanoCore via ISO image file attachments that appear to be an invoice. Source: New attack spreads LokiBot & NanoCore malware in ISO image files
-
Cisco Warns of Critical Flaws in Data Center Network Manager
Cisco has patched two critical vulnerabilities in its Data Center Network Manager software, which could allow a remote attacker to take over affected devices. Source: Cisco Warns of Critical Flaws in Data Center Network Manager