I have written a lot about the fact that many cyber attacks include an element of social engineering, to tease the victim into lowering their guard and doing what the threat actor wants. Here is an excellent example of that, described by Xavier Mertens on SANS Internet Storm, where the …
QakNote – OneNote malware now has name
I use OneNote a lot – so I had to follow up on my previous post about OneNote attachments being used as an attack vector. OneNote has become the threat actors new choice of attachment probably because Microsoft closed the door on macro attacks. In the wild, Microsoft OneNote’ .one’ …
Google ads malvertising campaign evades anti-virus detection
Data stealing malware, pushed through compromised Google search ads, is attempting to evade detection by using virtualisation components: Google ads push ‘virtualized’ malware made for antivirus evasion (bleepingcomputer.com) Researchers think this new type of attack strategy and other emerging attack vectors are being prompted s as reaction to Microsoft tightening …
Continue reading “Google ads malvertising campaign evades anti-virus detection”
Practice Drinking Coffee* better known as Planning and Preparation
Sorry, this is not a coffee* appreciation article it is an article about planning and preparation for an incident. Planning and Preparation = Good Governance Businesses and organisations need a cyber security policy and a plan covering what they do to mitigate the risk of an incident and what they …
Continue reading “Practice Drinking Coffee* better known as Planning and Preparation”
Do you know what an Excel XLL file is? The hackers do.
An Excel XLL file is a an add-in file that allows third parties to add extra functionality to Microsoft Excel – pretty useful. But of course the threat actors have extended that third party functionality to include malware. Now, just like with macros, Microsoft is blocking XLL files, originating from …
Continue reading “Do you know what an Excel XLL file is? The hackers do.”