Exploits, software that takes advantage of a bug or vulnerability, for Microsoft Office in-the-wild hit the list of cyber headaches in Q1 2018. Overall, the number of users attacked with malicious Office documents rose more than four times compared with Q1 2017. In just three months, its share of exploits used in attacks grew to almost 50% – this is double the average share of exploits for Microsoft Office across 2017. These are the main findings from Kaspersky Lab’s Q1 IT threat evolution report.
Attacks based on exploits are considered to be very powerful, as they do not require any additional interactions with the user and can deliver their dangerous code discreetly. They are therefore widely used; both by cybercriminals looking for profit and by more sophisticated nation-backed state actors for their malicious purposes.
The first quarter of 2018 experienced a massive inflow of these exploits, targeting popular Microsoft Office software. According to Kaspersky Lab experts, this is likely to be the peak of a longer trend, as at least ten in-the-wild exploits for Microsoft Office software were identified in 2017-2018 – compared to two zero-day exploits for Adobe Flash player used in-the-wild during the same time period.
The share of the latter in the distribution of exploits used in attacks is decreasing as expected (accounting for slightly less than 3% in the first quarter) – Adobe and Microsoft have put a lot of effort into making it difficult to exploit Flash Player.
After cybercriminals find out about a vulnerability, they prepare a ready-to-go exploit. They then frequently use spear-phishing as the infection vector, compromising users and companies through emails with malicious attachments. Worse still, such spear-phishing attack vectors are usually discreet and very actively used in sophisticated targeted attacks – there were many examples of this in the last six months alone.
For instance, in late 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero-day exploit used in-the-wild against our customers. The exploit was delivered through a Microsoft Office document and the final payload was the latest version of FinSpy malware. Analysis of the payload enabled researchers to confidently link this attack to a sophisticated actor known as ‘BlackOasis’. The same month, Kaspersky Lab’s experts published a detailed analysis of СVE-2017-11826, a critical zero-day vulnerability used to launch targeted attacks in all versions of Microsoft Office. The exploit for this vulnerability is an RTF document containing a DOCX document that exploits СVE-2017-11826 in the Office Open XML parser. Finally, just a couple of days ago, information on Internet Explorer zero day CVE-2018-8174 was published. This vulnerability was also used in targeted attacks.
“The threat landscape in the first quarter again shows us that a lack of attention to patch management is one of the most significant cyber-dangers. While vendors usually issue patches for the vulnerabilities, users often can’t update their products in time, which results in waves of discreet and highly effective attacks once the vulnerabilities have been exposed to the broad cybercriminal community,” notes Alexander Liskin, security expert at Kaspersky Lab.
Other online threat statistics from the Q1, 2018 report include:
- Kaspersky Lab solutions detected and repelled 796,806,112 malicious attacks from online resources located in 194 countries around the world.
- 282,807,433 unique URLs were recognised as malicious by web antivirus components.
- Attempted infections by malware that aims to steal money via online access to bank accounts were registered on 204,448 user computers.
- Kaspersky Lab’s file antivirus detected a total of 187,597,494 unique malicious and potentially unwanted objects.
- Kaspersky Lab mobile security products also detected:
- 1,322,578 malicious installation packages.
- 18,912 mobile banking Trojans (installation packages).
To reduce the risk of infection, users are advised to:
- Keep the software installed on your PC up to date, and enable the auto-update feature if it is available.
- Wherever possible, choose a software vendor that demonstrates a responsible approach to a vulnerability problem. Check if the software vendor has its own bug bounty program.
· Regularly run a system scan to check for possible infections and make sure you keep all software up to date.
- Businesses should use a security solution that provides vulnerability, patch management and exploit prevention components, such as Kaspersky Endpoint Security for Business. The patch management feature automatically eliminates vulnerabilities and proactively patches them. The exploit prevention component monitors suspicious actions of applications and blocks malicious files executions.
Huawei Mate 20 Pro matches camera benchmark record
A benchmark by DxOMark sees the triple-cam handset tie with the P20 Pro for best smartphone camera on the market.
The Huawei Mate 20 Pro has come out top in a camera benchmark test that assesses all aspects of smartphone camera performance.
DxOMark, which conducts rigorous hardware testing and is trusted as an industry standard for image quality measurements, has just released the results of its in-depth analysis of the Huawei Mate 20 Pro smartphone camera.
The Huawei Mate 20 Pro is the Chinese manufacturer’s latest top-end device. Building on the P20 Pro’s camera technology, the Mate 20 Pro comes with a Leica-branded triple-camera setup, but swaps its stable-mate’s monochrome camera for a super-wide-angle module, offering a 35mm-equivalent focal length range from 16 to 80mm—the widest of all current smartphone cameras.
The handset is in direct competition with the Apple iPhone XS Max, the Google Pixel 3 XL, the Samsung Galaxy Note 9, among other. How does it fare?
“With a total photo score of 114, the Huawei Mate 20 Pro ties the record-setting score of its cousin, the P20 Pro,” says DxOMark. “The overall Photo score is calculated from sub-scores in tests that examine different aspects of its performance under different lighting conditions.”
The Huawei Mate 20 Pro achieves a photo score of 114 points. In stills mode, the Mate 20 Pro’s triple camera captures images with good target exposure and a wide dynamic range, recording both good highlight and shadow detail even in difficult high-contrast situations. Noise levels are well under control down to low light levels, and the camera’s white balance system and colour rendering settings produce a pleasant colour response in almost all circumstances.
At 97 points, the Mate 20 Pro is very close to the best for video as well, thanks to a fast and smooth autofocus system with good tracking performance, accurate white balance as well as pleasant colour rendering, and low levels of noise, especially in bright shooting conditions. Our testers also liked the exposure system’s ability to adapt quickly and smoothly to changes in illumination.
It was not all good news. DxOMark also had some criticism for the device.
Click here to read about the drawbacks of the Mate 20 Pro camera, and other positives.
SA car wins
The final stage of Dakar 2019 drew to a close at the bivouac in Pisco, Peru, and saw Toyota Gazoo Racing South Africa’s Nasser Al Attiyah and Mathieu Baumel bring home their South African-built Toyota Hilux for
The Qatari driver ensured his French navigator, who turned 43 years old on Thursday, 17 January, received a great birthday present, when the pair arrived at the final time control of Dakar 2019 with teammates Giniel de Villiers and Dirk von Zitzewitz in close formation. The two Toyota Hilux crews completed the entire stage together, as De Villiers / Von Zitzewitz waited nearly 55 minutes for the leaders to start the stage, in order to shadow them to the finish.
The emotions bubbled over for Team Principal Glyn Hall, who found himself without words as his two crews drove into the media area after the time control. “This victory was long overdue,” he finally managed, before being swamped in a sea of well-wishers.
The winning driver, however, was much more vocal: “We are so happy to win the Dakar – not only for ourselves, but also for Toyota and the entire Toyota Gazoo Racing SA team. Everyone has worked so hard for so long, and really deserve this. Thank you for letting us drive this car.”
Toyota Gazoo Racing SA led Dakar 2019 from the first to the last stage, with Al Attiyah/Baumel drawing first blood, before handing the mantle to De Villiers / Von Zitzewitz during stage 2. But then a disastrous Stage 3 saw the Qatari retake the lead – a lead he didn’t relinquish despite some of the toughest stages yet seen on any South-American Dakar.
“When we first heard that the rally was going to take place only in one country, we were skeptical,” said Hall after regaining composure. “But the organisers made sure that this year’s race will long be remembered as one of the toughest tests in the last decade.”
Al Attiyah / Baumel’s victory at Dakar 2019 means that Toyota Gazoo Racing has now won both of the world’s toughest automotive races – the 24 Hours of Le Mans, and the DakarRally.
Click here to read Glyn Hall’s comment on winning the Dakar Rally, as well as the rankings.