You should be on the lookout for this phishing campaign…

There is an active email phishing campaign infecting both home users and organisations. The malicious emails contain a .zip attachment. The payload is called IceXLoader and it primarily exfiltrates sensitive information from infected systems: Phishing drops IceXLoader malware on thousands of home, corporate devices (bleepingcomputer.com) The threat actors are not …

Emotet is back

Just when it looked like the Emotet spamming/malware operation had stopped, there are widespread reports that it has restarted. Emotet botnet starts blasting malware again after 5 month break (bleepingcomputer.com) Infected Microsoft Office documents are Emotet’s favoured method of malware distribution. Once the email has slipped past your technical defences, …

Catching up with US Cybersecurity and Infrastructure Security Agency latest advisories

Whilst I have been away CISA has continued issuing useful advice. It added a Google Chromium vulnerability to the Known Exploited Vulnerabilities Catalog. Google Chromium is an open–source browser project and is behind many widely used browsers including Google Chrome and Microsoft Edge. CISA Has Added One Known Exploited Vulnerability …