Collaborate Disseminate
DocuSign warns of a breach and subsequent theft of email addresses that are part of a phishing campaign that employs malicious macro-laced Word documents. Continue reading DocuSign Phishing Campaign Includes Hancitor Downloader
Cybercriminals have developed macro malware for the macOS, the first time this technique has been spotted on the Apple platform. Continue reading Macro Malware Comes to macOS
Document-based macro malware flies under the security radar by first detecting existing documents on PC. Continue reading Malware Evades Detection with Novel Technique
A massive wave of Locky ransomware delivered via DOCM attachments is targeting the healthcare sector this month. Continue reading Locky Targets Hospitals In Massive Wave Of Ransomware Attacks
Recently, we’ve seen reports of malicious files that misuse the legitimate Office object linking and embedding (OLE) capability to trick users into enabling and downloading malicious content. Previously, we’ve seen macros used in a similar matter, and this use of OLE might indicate a shift in behavior as administrators and enterprises are mitigating against this… Continue reading Where’s the Macro? Malware authors are now using OLE embedding to deliver malicious files
We recently came across a file (ORDER-549-6303896-2172940.docm, SHA1: 952d788f0759835553708dbe323fd08b5a33ec66) containing a VBA project that scripts a malicious macro (SHA1: 73c4c3869304a10ec598a50791b7de1e7da58f36). We added it under the detection TrojanDownloader:O97M/Donoff – a large family of Office-targeting macro-based malware that has been active for several years (see our blog category on macro-based malware for more blogs). However, there wasn’t… Continue reading Malicious macro using a sneaky new trick
Cerber ransomware leverages Dridex spambot network in massive new crypto-offensive targeting U.S. inboxes. Continue reading Cerber Ransomware On The Rise, Fueled By Dridex Botnets