CTO's Blog

Cyber Security Insights for the Chief Technology Officer & Executive 

Metadefender Now Supports Content Disarm and Reconstruction for OpenDocument Text

December 07, 2017 by Vinh Lam
Instead of purchasing the widely used Microsoft Office suite, many users opt to use the free alternatives LibreOffice or Apache OpenOffice. However, these open-source software products contain many vulnerabilities that attackers can...

How We Blocked a Word DDE Attack from APT28

November 16, 2017
By the OPSWAT Data Sanitization Team Last week, the APT28 threat group (also known as "Fancy Bear") was discovered to be using the Dynamic Data Exchange (DDE) attack method that we described in our recent blog post, "Data Sanitization...

Data Sanitization Prevents Macro-Less MS Word Attacks

November 08, 2017
By the OPSWAT Data Sanitization Team Malicious Word Documents Without Macros Attackers have used macros in Microsoft Word documents for malware delivery for a long time, starting in the mid-to-late 1990s. To combat this, Microsoft added...

An In-Depth Look at XML Document Attack Vectors

August 14, 2017 by Taeil Goh
In June, we published a short announcement about the beta release of XML document data sanitization (CDR) in which we briefly mentioned the importance of it: "The flexibility of XML has resulted in its widespread usage, including within...

'Hacking with Pictures': Stegosploit and How to Stop It

August 02, 2017
For cyber criminals, image malware is the ideal way to launch a surprise attack. The vast majority of users do not expect a simple image file to be remotely risky. This makes attacks like "Stegosploit" particularly dangerous to both...

Metadefender Now Supports Data Sanitization for XML Documents

June 08, 2017 by Taeil Goh
The flexibility of XML has resulted in its widespread usage, including within Microsoft Office documents and SOAP messages. However, XML documents have many security vulnerabilities that can be targeted for different types of attacks,...

Preventing Targeted Attacks That Use JTD or HWP Documents

March 06, 2017 by Taeil Goh
An increasingly popular and effective method of compromising computer security, especially as part of a targeted attack, involves sharing common document types or image files with victims. Even though the original versions of these files...

Sign up for Blog updates

Get information and insight from the leaders in advanced threat prevention.