In today’s cyber attacks on infrastructure of Ukraine has used the technique of DDE, according to the State service for special communications and information protection.
She activated the execution of malicious code on the user’s computer.
DDE (Dynamic Data exchange) – exploitation of a critical vulnerability in the Protocol.
Ukrainian state institutions, ports, airports attack the new virus, said earlier the representative of the project for securing web applications, OWASP Vladimir Styran.
“The obvious target attack using a vulnerability in MS Word DDE (Dynamic Data Exchange)”, – he said.
He advised users not to open suspicious files and tabs to turn off the engine DDEAUTO and install the security patch KB3213630 CVE-2017-11826.
Today the Ministry of infrastructure announced that in connection with the receipt of a number of reports of rising cyber threats, it takes steps to improve information security and the website of the Ministry is temporarily closed.
Earlier, on October 12, the security Service of Ukraine warned about the preparation of a new wave of large-scale cyber attacks on government agencies and private companies.
Recall, 27 Jun virus Petya.A attacked many private and state companies of Ukraine, including banks.