Excel 4.0 macros
Hi Readers. Hope you are all safe. Our April 2021 Issue is LIVE and here is a sneak peek into it.
EXCEL 4.0 MACROS : After analyzing over 1,60,000 Excel 4.0 documents between November 2020 and March 2021, cyber security experts found over 90% of them to be malicious or suspicious. This means only one thing: cyber criminals are increasingly using Excel 4.0 documents for their operations. New research found that hackers are increasingly adopting Excel 4.0 documents to distribute malware such as Zloader and Quakbot. But what exactly is an Excel 4.0 macro, and why is it being increasingly used by cyber criminals? Find out about them and learn how to create Excel 4.0 Macros to gain a reverse shell.
REAL WORLD HACKING SCENARIO : In this month’s Real World Hacking Scenario, our Black Hat Hackercool hacks a Joomla website, prepares a Koadic payload, embeds it in a dropper and hosts it on the hacked Joomla website. Then he lures the victims with a phishing link that redirects them to the hacked website. As soon as the victims visit the hacked website, the malware is downloaded with a lure. When victims install it, Hackercool gains access to their system. All this happens with anti-malware and the firewall on the target turned ON.
BYPASSING ANTIVIRUS : Cyber security researchers at Proofpoint were tracking a hacking operation they named TA800. TA800 had a common mode of operation. They sent personalized phishing emails containing a link to a supposed PDF document. Users who visited that link downloaded malware with a fake PDF icon. This malware is a loader which, once opened, gives attackers control of the victim’s Windows system. These hackers have been using a loader named BazaLoader since 2020. However, researchers noticed a new loader being used by these hackers on February 3, 2021. This loader, which researchers named NimzaLoader, was written in the Nim programming language. Learn how to create a Nim payload that can bypass antivirus and gain a shell on the target system.
TOOL OF THE MONTH : In Tool Of The Month, readers will learn all about the Koadic tool used in the Real World Hacking Scenario of this month’s Issue.
Here are the Contents of our April 2021 Issue
1. Real World Hacking Scenario :
When Target is behind a Firewall : Macros and Exposed services.
2. Metasploit This Month :
Aerospike, Win32k DrawIconEX and Windows POST VSS Modules.
3. Hacking Q & A :
Answers to some of the questions our beloved readers ask.
4. Proxy Logon :
Everything you want to know about Proxy Logon.
5. Hacking Lab : Windows Domain Active Directory Lab
6. Bypassing Antivirus :
AVET – Anti Virus Evasion Tool
7. The Art Of Sniffing :
Sniffing On LIVE Images passing through the network.
8. Online Security : Facebook Data Breach : What Happened And Why It’s Hard To Know If Your Data Was Leaked