Microsoft Office Word / Wordpad remote code execution vulnerability allows a remote attacker to execute arbitrary code on the system. An attacker can send specially crafted files which can cause the MS Word / Wordpad to download a remote shell and the attacker can gain access of the system. Once, the attacker has control of the machine, he / she can install a software, create a backdoor, view, modify or delete data, can create users with full permissions.
Nowadays, anything you do in the digital world is being tracked by someone. Either government agencies or the bad guys are always watching you. It’s now easy to shield your activities from these watchdogs.
Recently, we encountered a security incident for one of our major BFSI clients. This client was hit by a DDoS attack. The victim received an email the previous day asking them to either pay certain ransom amount or become the victim of this attack. The severity of the attack would increase if the victim did not pay the ransom money to the cyber-terrorist group. The victim was using a well-known Cloud Service Provider’s Network to host one of their static web application.