Design weakness found a year ago (Jan 2019), but the details are only exposed today! Fortinet FortiSIEM 5.2.5 / 5.2.6 Hardcoded Key (Jan 2020)

Preface: Stupid solutions to stupid problems: hardcoding your SSH key in the system.

Vulnerability background: FortiSIEM 5.2.5 / 5.2.6 ships with a hardcoded SSH key pair that can be used to log in to the underlying system via Secure Shell (SSH). This means that anyone with access to any FortiSIEM image (to copy the SSH private key) can authenticate successfully via SSH to the FortiSIEM Supervisor on port 19999/tcp as tunneluser. That user is limited to the /opt/phoenix/phscripts/bin/tunnelshell script, but if this restriction is bypassed, full shell access can be obtained.

Impact: While the user’s shell is limited to running the /opt/phoenix/phscripts/bin/tunnelshell script, SSH authentication still succeeds, and because the key is baked into the image the same private key works against every installation. Versions 5.2.5 and 5.2.6 have been verified as vulnerable.
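The practical check for this class of weakness is whether independently deployed appliances share an authorized key: a key that is identical on every instance was baked into the image, and anyone holding the image holds the private half. The following audit script is an added example and not Fortinet's code. It parses authorized_keys files collected from several instances, computes OpenSSH-style SHA256 fingerprints, reports keys present on more than one instance, and flags entries without a command="..." forced command. The sample data is constructed: the key blobs are synthetic, and the command="..." restriction on the tunneluser entry is an assumption made to show the check (the page only says the user is limited to the tunnelshell script).

```python
"""Added example (not Fortinet's code): audit authorized_keys files collected
from several appliance instances for a key that is identical on all of them
(a key baked into the image) and for entries with no forced command."""
import base64
import hashlib
import re
from collections import defaultdict

# Key type token followed by the base64 key blob; options (if any) precede it.
KEY_RE = re.compile(r"(ssh-(?:rsa|ed25519|dss)|ecdsa-sha2-nistp\d+)\s+([A-Za-z0-9+/=]+)")


def fingerprint(key_blob_b64):
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw key blob."""
    raw = base64.b64decode(key_blob_b64)
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_keys(text):
    """Return one dict per key line: type, fingerprint, options, and whether a
    command="..." restriction is present. Comments and blank lines are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_RE.search(line)
        if not m:
            continue
        options = line[:m.start()].strip()
        entries.append({
            "type": m.group(1),
            "fp": fingerprint(m.group(2)),
            "options": options,
            "forced_command": 'command="' in options,
        })
    return entries


def shared_keys(files):
    """files maps an instance name to its authorized_keys text. Returns
    {fingerprint: [instance names]} for every key present on more than one
    instance; independently deployed appliances should never share a key."""
    seen = defaultdict(set)
    for name, text in files.items():
        for entry in parse_authorized_keys(text):
            seen[entry["fp"]].add(name)
    return {fp: sorted(names) for fp, names in seen.items() if len(names) > 1}


# Constructed sample data: synthetic key blobs (not real keys) on two
# appliance instances. The command="..." restriction is an assumption used to
# show the check; the page only says the user is limited to the tunnelshell script.
SHARED_BLOB = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519constructed-shared-key").decode()
UNIQUE_BLOB = base64.b64encode(b"\x00\x00\x00\x0bssh-ed25519constructed-unique-key").decode()
TUNNELSHELL = "/opt/phoenix/phscripts/bin/tunnelshell"
SAMPLE_FILES = {
    "supervisor-a": f'command="{TUNNELSHELL}",no-pty ssh-ed25519 {SHARED_BLOB} tunneluser\n',
    "supervisor-b": (
        f'command="{TUNNELSHELL}",no-pty ssh-ed25519 {SHARED_BLOB} tunneluser\n'
        f"ssh-ed25519 {UNIQUE_BLOB} admin@supervisor-b\n"
    ),
}

if __name__ == "__main__":
    for fp, names in shared_keys(SAMPLE_FILES).items():
        print(f"{fp} is shared by {', '.join(names)}: hardcoded key suspected")
    for name, text in SAMPLE_FILES.items():
        for entry in parse_authorized_keys(text):
            if not entry["forced_command"]:
                print(f"{name}: {entry['fp']} has no forced command")
```

Run it against authorized_keys files pulled from a few installations of the same product; a fingerprint that shows up on all of them is the hardcoded key. Note that a forced command is only a partial mitigation, which is exactly the page's point: authentication still succeeds, so the right fix is to remove the shared key and provision a per-installation key at deployment time.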

To avoid the MS ‘.group’ file handling RCE vulnerability, think before you click – Jan 2020

Preface: Perhaps you would say the ‘.group’ file handling itself is the design defect. The attacker then uses social engineering to get the victim to open a crafted file and trigger this vulnerability (GROUP FILE URL FIELD CODE EXECUTION). Do you agree?

What is a GROUP file? A .group file is a Windows Contacts group file. It is handled by WAB.exe (Windows Address Book), which is located in C:\Program Files\Windows Mail.

Vulnerability details: Microsoft Windows is prone to a remote code-execution vulnerability in its handling of .group files. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will cause denial-of-service conditions.

Former 0-day record: About eleven months ago a Microsoft ‘.contact’ file vulnerability was found that allowed arbitrary code execution. Less than a year later, another vulnerability appears in ‘.group’ file handling. Perhaps the WAB.exe features should be re-engineered.

Reference url: https://www.symantec.com/security-center/vulnerabilities/writeup/111355?om_rssid=sr-advisories

Phishing emails compromised the company’s reputation; Microsoft takes legal action

Preface: Microsoft products cover a wide range, so perhaps quite a lot of people probe the design weaknesses of their products. But Microsoft has the capability to protect its own name.

Background: The cyber criminals impersonated Microsoft’s official domain names in phishing emails, the goal being to increase the likelihood that the recipient opens the email. Meanwhile, the malicious infection technique has its own proprietary antivirus-evasion technique.
Remark: According to my observation, the evolution of this cyber attack technique was found in 2013. Perhaps we remember HWP (Hangul Word Processor). HWP files are similar to MS Word’s DOCX files, except that they can contain Korean written language, making it one of the standard document formats used by the South Korean government. Should you be interested in reviewing the details, please refer to the following URL: http://www.antihackingonline.com/network-protocol-topology-standard/vulnerabilities-in-the-old-ole2-based-hwp-file-format-engages-apt-attacks-to-south-korea/

Cyber security focus: Such a matter reminds the cybersecurity world of cyber criminals’ infiltration techniques. Experts found that the suspected North Korean attackers have made a new way in: the attack mainly uses API hooking to hide the behaviour of the first-stage backdoor, which is the second payload in this operation. The landing page of this attack is most likely an MS document. The Fallout Exploit Kit is also back, with Adobe vulnerabilities and payloads (see attached diagram). So it creates interference for the business and government sectors.

Reference: Microsoft Sues North Korea-Linked Hackers for Impersonation (1) – https://news.bloomberglaw.com/ip-law/microsoft-sues-north-korea-linked-hackers-for-targeting-users

IoT zone staying alert! HomeAutomation 3.3.2 design weakness exposed (Authentication Bypass, CSRF / Code Execution) – 1-1-2020

Preface: Sometimes lighting can become a security safeguard. Perhaps the lighting system will help you figure out whether an intruder has jumped into your garden at night.

Synopsis: It is hard to keep the digital transformation trend from integrating into your daily life. As a matter of fact, these devices are on board already: for instance, remote-controlled outdoor outlets with an on/off function, or Z-Wave outlets that measure the energy consumption of connected lamps and appliances.

Remark: Z-Wave is a wireless communications protocol used primarily for home automation.

Vulnerability details:

HomeAutomation is an open-source web interface and scheduling solution. Quite a lot of IoT manufacturers integrate their products with HomeAutomation (see attached diagram). Experts found a design weakness in the HomeAutomation software.
From the technical aspect, the proof of concept is written in PHP: curl_init() opens a connection handle, and the references to the other two functions (curl_setopt and curl_exec) set the request options and send the request, so an existing handle (connection) can potentially be reused.
HomeAutomation suffers from an authentication bypass vulnerability: spoofing the client IP address with an X-Forwarded-For header carrying the local (loopback) IP address allows remote control of the smart home solution, because the application treats requests that appear to come from the loopback address as trusted. For details, please refer to the diagram.
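The weakness described above comes from answering "is this request local?" with a header the client controls. The following is an added example and not HomeAutomation's own code: it models the vulnerable check (X-Forwarded-For wins over the real socket peer) next to a hardened check that only honours the header when the direct peer is a known reverse proxy, and then takes the right-most hop that is not itself a proxy. The trusted proxy address 10.0.0.5, the attacker address 203.0.113.7 and the header dictionaries are constructed for the example.

```python
"""Added example (not HomeAutomation's own code): a 'local request' check that
trusts X-Forwarded-For, which the PoC bypasses by sending the header with the
loopback address, next to a hardened check that only honours the header when
the direct peer is a known reverse proxy."""
import ipaddress

# Assumption for the hardened variant: the app sits behind one reverse proxy
# at 10.0.0.5 that appends the real client address to X-Forwarded-For.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}


def _parse_ip(text):
    """Return an ip_address or None for garbage, so bad headers never raise."""
    try:
        return ipaddress.ip_address(text.strip())
    except ValueError:
        return None


def client_ip_vulnerable(remote_addr, headers):
    """Vulnerable: anything the client puts in X-Forwarded-For wins over the
    address the socket actually saw."""
    xff = headers.get("X-Forwarded-For")
    if xff:
        first_hop = _parse_ip(xff.split(",")[0])
        if first_hop is not None:
            return first_hop
    return ipaddress.ip_address(remote_addr)


def client_ip_hardened(remote_addr, headers, trusted_proxies=TRUSTED_PROXIES):
    """Hardened: ignore the header unless the peer is a trusted proxy, then take
    the right-most hop that is not itself a trusted proxy (the proxy appends
    the real client last, so attacker-supplied left-hand entries are skipped)."""
    peer = ipaddress.ip_address(remote_addr)
    if peer not in trusted_proxies:
        return peer
    raw_hops = headers.get("X-Forwarded-For", "").split(",")
    hops = [h for h in (_parse_ip(p) for p in raw_hops) if h is not None]
    for hop in reversed(hops):
        if hop not in trusted_proxies:
            return hop
    return peer


def is_local_vulnerable(remote_addr, headers):
    return client_ip_vulnerable(remote_addr, headers).is_loopback


def is_local_hardened(remote_addr, headers):
    return client_ip_hardened(remote_addr, headers).is_loopback


def spoofed_headers():
    """The header the advisory's PoC adds (constructed here)."""
    return {"X-Forwarded-For": "127.0.0.1"}


if __name__ == "__main__":
    attacker = "203.0.113.7"  # constructed attacker address
    print("vulnerable check, spoofed header:", is_local_vulnerable(attacker, spoofed_headers()))  # True
    print("hardened check, spoofed header:  ", is_local_hardened(attacker, spoofed_headers()))  # False
```

Two caveats apply to the hardened variant. It relies on the proxy always appending the real peer; if the proxy can be reached directly or forwards without rewriting, the attacker's left-hand entry is taken again. And a loopback source address is a weak authentication signal in the first place: a device that grants control to "local" callers should still require a credential or a session, so that no header or proxy misconfiguration can stand in for login.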

Status: No official announcement of a remediation from the software vendor or manufacturer at the moment.