Defending Against SettingContent-MS being used in MS Office and PDF Files
July 31, 2018 by Taeil Goh
SettingContent-ms is an XML file that allows users to create a shortcut to Windows 10 setting pages. Recently a serious vulnerability was published by Matt...
Singapore Hack – How Did it Happen and Could it Have Been Prevented?
July 21, 2018 by Taeil Goh
The Singapore government today reported that hackers have stolen personal data belonging to some 1.5 million people, calling it "the most serious breach of...
Disarming a Multi-Stage Macro-Less Word Attack with Data Sanitization
March 05, 2018 by Taeil Goh
In November 2017, we published a blog post about how OPSWAT data sanitization (CDR) blocks macro-less attacks that use Microsoft Word documents. Recently,...
How We Blocked a Word DDE Attack from APT28
November 16, 2017
Last week, the APT28 threat group (also known as "Fancy Bear") was discovered to be using the Dynamic Data Exchange (DDE) attack method that we described in...
An In-Depth Look at XML Document Attack Vectors
August 15, 2017 by Taeil Goh
In June, we published a short announcement about the beta release of XML document data sanitization (CDR) in which we briefly mentioned the importance of it:...
'Hacking with Pictures': Stegosploit and How to Stop It
August 02, 2017
For cyber criminals, image malware is the ideal way to launch a surprise attack. The vast majority of users do not expect a simple image file to be remotely...
Metadefender Now Supports Data Sanitization for XML Documents
June 08, 2017 by Taeil Goh
The flexibility of XML has resulted in its widespread usage, including within Microsoft Office documents and SOAP messages. However, XML documents have many...
For more information, please contact one of our cybersecurity experts.
