Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions

Last week saw the discovery of unpatched flaws in MS Office and SolarWinds Web Help Desk, which if exploited, could leak users’ NTLM hashes and allow attackers to run commands on the host machine, respectively. Chrome and Edge users were targeted by a campaign involving hard-to-remove malicious browser extensions. Meanwhile, Orion S.A. lost approximately $60 million to multiple fraudulently-induced outbound wire transfers. Also, Evolution Mining announced a ransomware attack on its IT systems.