• Home
  • BREAKING NEWS
  • Cybersecurity Services
  • Awareness Training
  • Cybersecurity Forensics
  • Virtual Director
  • IT Audits
  • Contact US
  • More
    • Home
    • BREAKING NEWS
    • Cybersecurity Services
    • Awareness Training
    • Cybersecurity Forensics
    • Virtual Director
    • IT Audits
    • Contact US
  • Home
  • BREAKING NEWS
  • Cybersecurity Services
  • Awareness Training
  • Cybersecurity Forensics
  • Virtual Director
  • IT Audits
  • Contact US

NEW Phishing Attack Techniques to Deliver Malware

BE AWARE

Researchers at McAfee warn that a current phishing campaign is delivering malware via Word documents that don’t contain any malicious code. When a user opens the document and enables content, the document will download an Excel file that’s used to construct a malicious macro after the documents are on the system. This helps the macros bypass security filters.
 

“The malware arrives through a phishing email containing a Microsoft Word document as an attachment,” the researchers write. “When the document is opened and macros are enabled, the Word document, in turn, downloads and opens another password-protected Microsoft Excel document.
 

After downloading the XLS file, the Word VBA reads the cell contents from XLS and creates a new macro for the same XLS file and writes the cell contents to XLS VBA macros as functions. Once the macros are written and ready, the Word document sets the policy in the registry to Disable Excel Macro Warning and invokes the malicious macro function from the Excel file. The Excel file now downloads the Zloader payload. The Zloader payload is then executed using rundll32[dot]exe

 

  • WANT TO LEARN MORE?”
     

MSPs: Still Not Appreciating the Risk of Ransomware

MSPs are a prize target because they are a gateway to many – sometimes hundreds – of business networks. Threat actors also know the pandemic has placed them under pressure to continue delivering services 24/7, even though many employees are now having to work from home.

Their hope is that MSPs simply did not have the time to check security precautions as thoroughly as they would wish in the rush to avoid disruption to services.


  • Since June 2019, Managed Service Providers, IT service consultants and hosting providers have been increasingly targeted by ransomware actors. These attacks target the service provider’s remote management tools to increase the blast radius of the attack. When the attack is successful, every downstream endpoint at every client of the service provider is impacted.
  • VIRTUAL IT SECURITY thwarted a $900,000 RANSOMWARE ATTACK, There attack was a direct result of MSP negligence.  
  • WANT TO LEARN MORE?

______________________________________________________________________________

Phishing Attacks Using PDF Files Skyrocket More Than 1K%

  •  “From 2019-21, we noticed a dramatic 1,160% increase in malicious PDF files – from 411,800 malicious files to 5,224,056
  • “PDF files are an enticing phishing vector as they are cross-platform and allow attackers to engage with users, making their schemes more believable as opposed to a text-based email with just a plain link.” 
  • The most common form of PDF phishing lures used an image of a fake CAPTCHA to trick victims into clicking the “Continue” button, which led to a malicious site. Another variant used an image that purported to be a coupon, and told victims to click the image in order to get 50% off on a product.
  • A third type of PDF phishing attack used images that appeared to be paused videos, but led to a phishing site when users clicked on them.
  • “These phishing files do not necessarily carry a specific message, as they are mostly static images with a picture of a play button ingrained in them. “Although we observed several categories of images, a significant portion of them either used nudity or followed specific monetary themes such as Bitcoin, stock charts and the like to lure users into clicking the play button.”  The researchers conclude that users need to pause and think when they receive a suspicious file.    Contact Us to Learn more! 

Any organization is fair game, your business may be next!

Nation-State Hacking 2.0

Why Your Organization is Now at Risk from this Evolving Threat Security professionals have worried about cyberwarfare for decades. But the attack on Sony Pictures, the Solarwinds supply chain compromise, and now the latest Microsoft Exchange zero-day exploits show that nation-state attacks are having a much bigger impact than ever before.
 

Don’t let the big names fool you. Today, any organization is fair game, which means your organization could be next.    Contact Us to Learn more!

Copyright © 2018 Virtual IT Security - All Rights Reserved.

Powered by GoDaddy

Virtual IT Security

We provide cybersecurity services to large and small businesses, with specific emphasis on compliance and cybersecurity incident prevention, detection, and response.. 

Want to learn More?