Blog Tag: Content-Disarm-Reconstruction

TSMC Virus Attack and the Need for a Secure Data Workflow for Manufacturing Networks

August 07, 2018 by John Alexander
Details of the TSMC Virus AttackOn Friday, 3 August 2018, the Taiwan Semiconductor Manufacturing Company (TSMC) was reportedly hit with a variant of the 2017 WannaCry ransomware, and from current reports the...

Defending Against SettingContent-MS being used in MS Office and PDF Files

July 31, 2018 by Taeil Goh
Summary SettingContent-ms is an XML file that allows users to create a shortcut to Windows 10 setting pages. Recently a serious vulnerability was published by Matt Nelson, a researcher at SpecterOps. Only a week after his report, it...

Singapore Hack – How Did it Happen and Could it Have Been Prevented?

July 20, 2018 by Taeil Goh
The Singapore government today reported that hackers have stolen personal data belonging to some 1.5 million people, calling it "the most serious breach of personal data" the country had experienced. The attackers broke into the government...

Fighting Attacks Using CAD application files

July 09, 2018 by Taeil Goh
OPSWAT Data Sanitization (Content Disarm and Reconstruction) focuses on the application file (e.g., Microsoft Office document) to keep it from being used as a delivery method for unknown threats (e.g., zero-day threats). We categorize...

Disarming a Multi-Stage Macro-Less Word Attack with Data Sanitization

March 05, 2018 by Taeil Goh
In November 2017, we published a blog post about how OPSWAT data sanitization (CDR) blocks macro-less attacks that use Microsoft Word documents. Recently, Trustwave published an article describing another...