Naked Security: Ransomware hidden inside a Word document that’s hidden inside a PDF. “SophosLabs has discovered a new spam campaign where ransomware is downloaded and run by a macro hidden inside a Word document that is in turn nested within a PDF, like a Russian matryoshka doll. The ransomware in this case appears to be a variant of Locky. Most antivirus filters know how to recognize suspicious macros in documents, but hiding those document inside a PDF could be a successful way to sidestep it, according to SophosLabs researchers.”