News and Events


On 5/27/22 security research team, Nao_sec identified a malicious Word document in the wild, that appeared to be leveraging the “MS-MSDT” (Microsoft Support Diagnostic Tool) protocol to execute Powershell code. This was done through an external reference in the XML of the Word doc to a malicious HTML file hosted by the threat actor. The malicious HTML file then uses JavaScript to rewrite the URL to call the Microsoft Support Diagnostic Tool via the......

Read More