Microsoft warns for malware that changes proxy settings to eavesdrop on encrypted connections

vbimport

#1

We’ve just posted the following news: Microsoft warns for malware that changes proxy settings to eavesdrop on encrypted connections[newsimage]http://www.myce.com/wp-content/images_posts/2016/08/certor2_updated-95x75.png[/newsimage]

Microsoft warns Office users for a new attack where cybercriminals try to modify proxy settings through a malicious Word document. By setting the proxy to a server owned by the attackers, they are able to monitor and manipulate the internet connection of a victim.

            Read the full article here: [http://www.myce.com/news/microsoft-warns-malware-changes-proxy-settings-eavesdrop-encrypted-connections-80319/](http://www.myce.com/news/microsoft-warns-malware-changes-proxy-settings-eavesdrop-encrypted-connections-80319/)

            Please note that the reactions from the complete site will be synched below.

#2

In order to modify the proxy settings the cybercriminals use the regular social engineer trick by sending an email with a malicious attachment.
Anyone dumb enough to open spam emails or email attachment that they didn’t ask to get deserves to be eavesdrop on. That will teach them a lesson to only read they emails you know your getting.

Microsoft advises once again to only open messages from trusted persons and websites.
If people don’t get this already then they deserve to be eavesdropped.

The company also provides a registry hack that prevents the execution of OLE objects in documents.
Can anyone post this link-I tried looking but they are making this impossible to look for?


#3

In the last paragraph ([I]Recommendations[/I]) of the linked TechNet article there’s another link to this blog: https://blogs.technet.microsoft.com/mmpc/2016/06/14/wheres-the-macro-malware-author-are-now-using-ole-embedding-to-deliver-malicious-files/

…which contains this link ;): https://support.microsoft.com/en-us/kb/926530