OceanLotus adopts public exploit code to abuse Microsoft Office software

guest · Mar 21, 2019

OceanLotus adopts public exploit code to abuse Microsoft Office software
APT32 is using a public exploit to abuse Office and compromise targeted systems
March 20, 2019
https://www.zdnet.com/article/ocean...loit-code-to-abuse-microsoft-office-software/

Also known as APT32, SeaLotus, APT-C-00, and Cobalt Kitty, OceanLotus is a hacking group which operates across Asia and focuses on gathering valuable intel on corporate, government, and political entities across Vietnam, the Philippines, Laos, and Cambodia.

The threat actors have been leveraging new tactics this year. ESET researchers said in a blog post on Wednesday that of particular interest is the use of publicly-available exploits for a memory corruption vulnerability present in Microsoft Office, CVE-2017-11882, which has been tailored for use in OceanLotus phishing attempts.

"OceanLotus is very active and keeps evolving," ESET says. "The group really focuses on varying their toolsets and decoys. They cleverly wrap their payloads with attractive documents based on current events that are likely to be of interest to their intended victims.
Click to expand...

shmu26 · Mar 21, 2019

This vulnerability was patched over a year ago.

Log in or Sign up

OceanLotus adopts public exploit code to abuse Microsoft Office software

guest Guest

shmu26 Registered Member

Log in or Sign up

OceanLotus adopts public exploit code to abuse Microsoft Office software

guest Guest

shmu26 Registered Member

Useful Searches