Avihai Ben-Yossef

Abusing Microsoft Office Online Video

  **Updated Note: As of November 12th, 2018, Trend Micro has discovered an in-the-wild sample of this logical bug seen in the TROJ_EXPLOIT.AOOCAI, using it  to deliver the URSNIF information stealer (TSPY_URSNIF.OIBEAO).** Cymulate’s research team has discovered a way to abuse the Online Video[...]

Web Applications Vulnerability Is Everyone’s Responsibility

When organizations worry about their cyber security, they focus on ransomware attacks, employees opening (spear) phishing emails or clicking on malicious banners and links on websites. But there is another danger that is often underestimated - the web applications of your own organization could[...]