A newly discovered attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns called DDE. This exploitation technique displays no “security” warnings to victims. Dynamic Data Exchange (DDE) protocol is one of the several methods that Microsoft uses to allow two running applications to share the same data.
The protocol is being used by thousands of apps, including MS Excel, MS Word, Quattro Pro, and Visual Basic for one-time data transfers and for continuous exchanges for sending updates to one another.
To be protected from this attack it is highly recommended to disable the “update automatic links at open” option in the MS Office software. To do so, for example, go to
Word File Options Advanced and scroll down to General and then uncheck “Update
automatic links at open”
Cyber Security Statistics
Distributed Denial of Service (DDoS) attack is a well-known threat in Cyber Security field. Such
attack has the ability to interrupt the server performance significantly. Arbor Networks analyzed
data received by 335 different ISPs to analyze cybersecurity trends and found that the Middle East suffered a total of 23,000 DDoS attacks in the previous month only. The most targeted areas were Saudi Arabia and Kuwait. %38 of the attacks were over 1 Gbps, but the global peak hit Saudi Arabia reached 140 Gbps.
New Cyber Threats
Security researchers have discovered a new privilege-escalation vulnerability in Linux kernel, that allows a local attacker to execute code on the affected systems with root access privilege. The discovered security vulnerability impacts the Advanced Linux Sound Architecture (ALSA), which is a software framework that establishes an Application Programming Interface (API) for sound card drivers in the Linux kernel.
Cyber Security Tip
Did you know that company employees are responsible for %60 of all digital attacks endured by
enterprises? Many of the most newsworthy breaches don’t come through the front door but from internal weaknesses. That’s why it’s highly essential to be protected from possible internal threats as much as being protected against external threats.