Security Awareness Training Blog

Keeping You Informed. Keeping You Aware.

Embedding a video inside Word files

Cryptojacking Scripts And Phishing Pages Could Soon Invade Your Word Documents

Let's open that doc file and watch the Matrix again.

Catalin Cimpanu at Bleepingcomputer had the scoop on this concerning news:

"Cryptojacking scripts that mine Monero via JavaScript code can also run inside Word files, security researchers have discovered.

This is possible via a new feature added to recent versions of Microsoft Word that allows users to embed Internet videos inside Word files without having to inject the actual video file inside the document itself.

2018 threat landscape

[Heads-up] The May 2018 GDPR Deadline May Fuel New Extortion Attempts

Trend Micro has released its annual security roundup, and it shows several interesting trends that will likely continue into 2018. There is bad news and worse news, with a little bit of silver lining here and there. Here is the quick summary of the full report:

To start with something positive, the number of exploit kit attacks is going down, but instead cybercrime is turning towards more reliable tactics such as spam, phishing, and targeting specific, individual vulnerabilities. 


Global Cyber Security Risk Perception: Highest Management Priorities

Few organizations are highly confident in their ability to manage the risk of a cyber-attack, despite viewing cybersecurity as a top risk management priority, according to a survey conducted by Marsh and Microsoft.

In the global survey of more than 1,300 senior executives, two-thirds ranked cybersecurity among their organizations’ top five risk management priorities – approximately double the response to a similar question Marsh asked in 2016.


Scam Of The Week: Lowlife Scum Exploits Recent Florida Parkland School Shooting

Just when you think they cannot sink any lower, criminal internet scum are now exploiting the Parkland tragedy in Florida. Unfortunately, from this spot I have been warning about these lowlifes before when earlier similar incidents like this happened.

You need to remind your employees, friends and family... again.


Edward Snowden returns to U.S.! Oops, nope, it's a phishing scam

Bradley Barth at SCMedia nailed it when he wrote: "No, NSA whistleblower and U.S. fugitive Edward Snowden did not just purchase a 2 terabyte storage plan for iCloud, nor has he moved back to the States.

"Instead, a strange spam campaign that targets Apple customers has been found distributing phishing emails containing an Apple receipt that bills $9.99 to an Edward Snowden residing at a U.S. address.

"In a Feb. 13 blog post, Malwarebytes reported that these Snowden emails, the contents of which have slightly varied, were observed from Feb. 2-6 of this year. URL shortening service provider PixelMe ultimately blocked the link found within the emails, but it is unclear what the link's original intended destination was.


Trusted Sites Often Deliver Phishing Attacks: Study

Ray Schultz at MediaPost had a great summary of some troublesome news:

"Some of the world’s most popular websites are also the most dangerous when in comes to phishing attacks, according to Trust Hacking, a new study by Menlo Security. 

Of the top 100,000 sites, as ranked by Alexa, 42% are risky: They use software that leaves them vulnerable to attack or have been compromised, Menlo reports. And many sites fall prey to one of the three ways that cybercriminals weaponize consumer trust. They take advantage of the fact that:

  1. Trusted websites may not be as safe as you think
  2. Phishing sites leverage new tricks to win your trust
  3. Typosquatting lives on

New Research: Number of Microsoft vulnerabilities continues to go up over the years

The number of Microsoft vulnerabilities has more than doubled in the last five years, according to the fifth annual Microsoft Vulnerabilities Report from Avecto.

The global security software company’s analysis of all disclosed Microsoft vulnerabilities in 2017 revealed 685 vulnerabilities, showing a significant increase compared to the number disclosed in 2013 (325).

Despite being widely regarded as the most secure Windows operating system, the number of "critical" vulnerabilities in Windows 10 rose by 64% in 2017 compared to the previous year.

In total, 587 vulnerabilities were reported across Windows Vista, Windows 7, Windows 8.1/RT 8.1 and Windows 10 operating systems in 2017. This is a record high – increasing by 132% over a five-year period.


New Multi-Stage Word Phishing Attack Infects Users Without Using Macros

Spam distributors are using a new technique to infect users with malware, and while this phishing attack relies on having users open Word documents, it does not involve social engineering users to enable macro scripts.

This new macro-less technique is currently under active exploitation, being detected by Trustwave SpiderLabs researchers in an ongoing malware campaign.


Lazarus Hacking Group back with new phishing campaign targeting banks and bitcoin users

The North Korean Lazarus Hacking Group, suspected to be behind the WannaCry ransomware attack last year, has returned with a new crime spree, this time targeting financial institutions and bitcoin users with phishing emails, posing as job recruiters.

The campaign was discovered by the McAfee Advanced Threat Research (ATR) analysts and dubbed as “HaoBao”. It was designated by McAfee as an “aggressive Bitcoin-stealing phishing campaign” that uses “sophisticated malware with long-term impact.”

While the form of attack seems nothing new, the two-stage attack malware has surprised researchers.

Subscribe To Our Blog

Phish Your Users

Recent Posts

Get the latest about social engineering

Subscribe to CyberheistNews