I use OneNote a lot – so I had to follow up on my previous post about OneNote attachments being used as an attack vector. OneNote has become the threat actors new choice of attachment probably because Microsoft closed the door on macro attacks. In the wild, Microsoft OneNote’ .one’ …
Google ads malvertising campaign evades anti-virus detection
Data stealing malware, pushed through compromised Google search ads, is attempting to evade detection by using virtualisation components: Google ads push ‘virtualized’ malware made for antivirus evasion (bleepingcomputer.com) Researchers think this new type of attack strategy and other emerging attack vectors are being prompted s as reaction to Microsoft tightening …
Continue reading “Google ads malvertising campaign evades anti-virus detection”
Practice Drinking Coffee* better known as Planning and Preparation
Sorry, this is not a coffee* appreciation article it is an article about planning and preparation for an incident. Planning and Preparation = Good Governance Businesses and organisations need a cyber security policy and a plan covering what they do to mitigate the risk of an incident and what they …
Continue reading “Practice Drinking Coffee* better known as Planning and Preparation”
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”
Close one door and another opens
I had an article published yesterday discussing the risks still posed by the Microsoft Office macro, even though Microsoft has tightened the security when using them: Microsoft Office Macros Are Still an Issue – CyberAwake But the threat actors do not stop there. Closing the macro attack vector sent the …