Menlo Security Report

Malicious documents attached to emails as an attack delivery mechanism is not new.

Microsoft Office:
The New Platform for Exploiting Zero-Days

The complexity and cost of cyber security is escalating beyond the ability of most enterprises to keep up. Yet, the efficacy of cybersecurity solutions deployed today is degrading quickly. With over 90% of end user attacks originating via web and email, securing these channels has become paramount to businesses.

In this report, we connect the dots on some of the latest attack methods, which show a shift from legacy ‘macro’ type malicious attachments to a new technique where phishing emails with attached Office docs access remotely hosted malicious components, forcing exploits on Internet Explorer – even though it may not be a user’s default browser – and Shockwave Flash, infecting targeted systems.

Download this report to learn:

    • Why Microsoft Office will continue to be the attackers’ mechanism of choice
    • Why attackers are increasingly turning to Office documents accessing remote-hosted malicious components for endpoint exploitation.
    • What should be expected of “bad actors” in the future.
    • If there is an existing technology that best protects against these growing attack vectors.