Just a quick update to Emotet delivery campaigns that have plagued us for ages. I don’t normally post much about Emotet. There are lots of other researchers keeping an eye on it, who post regular updates via Twitter etc. Until recently Emotet was normally delivered via a malicious Word doc attachment. Then about 10 days ago we noticed some versions using js attachments inside zip files. Yesterday evening we noticed yet another change. This time using js files inside password-protected zips with a previously unknown password that might be different in each version received. Using password-protected zip files …