Latest YouTube Video

Wednesday, December 16, 2015

[FD] #BadWinmail: The "Enterprise Killer" Attack Vector in Microsoft Outlook

Hi All, I have released a paper & demo describing a novel/serious attack vector I discovered in Microsoft Outlook. Paper: http://ift.tt/1JcnVRa: https://www.youtube.com/watch?v=ngWVbcLDPm8 Reference:http://ift.tt/1IUWPDg --ConclusionIn this report, the author disclosed a novel attack vector to attack Outlook users via emails, which theauthor named as BadWinmail. Specifically, we disclosed that a Flash (or other types of) exploit can bepacked and delivered via a TNEF email (or MSG attachment). The most serious impact is that the exploitwill get executed as long as the Outlook user reads/previews the attacking email. Because there is nosandbox on Outlook, it allows the attacker to take control of the victim’s computer immediately. BadWinmail is an ideal attacking technique for targeted/APT attacks because of its severity and thenature of email-based attacks - all the attacker needs to know is the victim’s email address. It’s a “killer”exploit-delivering method as usual tricks such as delivering via email attachments or delivering via URLs(in email bodies) require additional user interactions and are protected by various applicationsandboxes. It’s also a wormable issue rarely seen on Windows platform nowadays

Source: Gmail -> IFTTT-> Blogger

No comments: