A hacking group with North Korean ties has been targeting U.S. entities with malicious documents this summer as it works to hide its tracks better, according to research from Prevailion.

The vulnerability is exploited by visiting a malicious web page or opening a malicious Microsoft Word document rendered with Internet Explorer.

Dynamic Data Exchange,like mac ros, can be abused by hackers to help them take over a targeted computer. But it's not a vulnerability and there's no fix, says Microsoft.

The technical findings connect a known advanced persistent threat group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC's domain.

A well-funded spy group appears to have recently acquired a highly-sophisticated zero day vulnerability to deploy a remote access trojan, developed by infamous surveillance technology firm FinFisher, against a Russian-speaking "entity."

The hacking group, dubbed OilRig by security researchers and believed to be tied to Iranian intelligence services, utilized a software flaw that allows attackers to execute a remote computer intrusion to take full control of a target device while leaving little or no trace, said Michael Gorelik, vice president of Israeli security firm Morphisec.