CTO's Blog

Cyber Security Insights for the Chief Technology Officer & Executive 

Proof of Concept (PoC) Attack Leverages Microsoft Office and YouTube to Deliver Malware

November 26, 2018 by Vinh Lam
Researchers at Cymulate have discovered a way to deliver and execute malware through the Online Video feature in Microsoft Office Word (https://blog.cymulate.com/abusing-microsoft-office-online-video). Here we outline a brief summary of...

Data Sanitization against Steganography, Evasion

November 06, 2018 by Taeil Goh
We have warned about the risk of steganography in the previous blog. Steganography is the method of concealing messages, images, videos or malware within a file or a message. We have now observed steganography in actual attacks*. Just...

How to Protect Against Software Supply Chain Attacks

October 04, 2018 by Taeil Goh
What protections do you have in place to ensure that your software builds are virus-free before releasing to the public? With software supply chain attacks on the rise, it is more important than ever to ensure that your software build is...

Defending Against SettingContent-MS being used in MS Office and PDF Files

July 31, 2018 by Taeil Goh
Summary SettingContent-ms is an XML file that allows users to create a shortcut to Windows 10 setting pages. Recently a serious vulnerability was published by Matt Nelson, a researcher at SpecterOps. Only a week after his report, it...

Singapore Hack – How Did it Happen and Could it Have Been Prevented?

July 20, 2018 by Taeil Goh
The Singapore government today reported that hackers have stolen personal data belonging to some 1.5 million people, calling it "the most serious breach of personal data" the country had experienced. The attackers broke into the government...

Sign up for Blog updates

Get information and insight from the leaders in advanced threat prevention.