O'Reilly logo

Hands-On Cybersecurity with Blockchain by Rajneesh Gupta

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Live attack execution

In recent attacks, adversaries have run arbitrary code that is executed from a Microsoft Word document without the use of any macros or scripts. This technique is a legitimate Microsoft office functionality called Dynamic Data Exchange (DDE).

Let's try to see this attack from a Cyber kill chain perceptive. Cyber kill chain is used to describe the attack stages:

  • Reconnaissance: This is a planning phase where the attacker gathers information about something through observation or other detection methods. Cyberattack planning and reconnaissance often include conducting research about the target, usually with open source information gathering tools, such as Google and Shodan, as well as through searches of publicly available ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required