Threat actors, just like any other software developer, are always looking for ways to improve their software. In the case of threat actors this is often done to avoid the mitigation that software vendors have put in place to defend against the malware or patch a vulnerability the threat actors …
More on Follina exploits including advice on how to protect your organisation – now executing in File Explorer preview pane… UPDATE 15 June 2022
This post was originally made on 9 June 2022 Update 15 June 2022 Microsoft has included updates in it’s Patch Tuesday bundle to address this issue: Microsoft Patch Tuesday – Follina zero-day fixed – Smart Thinking Solutions Get the updates done as soon as possible. Let’s hope this is really …
Emotet are back – now stealing credit card data
The Emotet botnet started off as banking trojan then evolved into a spamming and malware delivery system, has now moved onto exfiltrating credit card data: Emotet malware gang shifts to stealing credit cards • The Register If you have your credit card details stored in your Google Chrome browser, the …
Continue reading “Emotet are back – now stealing credit card data”
Facebook phishing campaign
I think the number is more than a quarter of the world’s population has a Facebook account, couple that with Meta’s international reputation for information security and ethics and so it is no surprise that it is a target for scammers and threat actors Facebook phishing campaign nets millions in …
Active exploit for Follina – the still unpatched flaw in Microsoft Word
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
New in the wild malware – SVCReady
Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady. The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of …
Ransomware attacks – just in case you have forgotten that any organisation can be compromised – three tips to help you face up to the threat
Bored with ransomware stories? Read this one, it has a very nice Hitchhiker’s Guide to the Galaxy reference. There have been a flurry of ransomware attacks in the news recently – but these are only the ones that make the headlines. Louisiana authorities investigating ransomware attack on city of Alexandria …