Security Awareness Training Blog

Malware Blog

Covering the latest malware threats affecting software, hardware, cloud networks, etc. Keeping you informed so you can keep your users safe.

Microsoft OneNote Attachments Become the Latest Method to Spread Malware

With Microsoft disabling macros by default on Office documents, cybercriminals are left needing another means to launch malware that’s victim-supported by default.
Continue Reading

[Security Masterminds] Breaking It Down to Bits & Bytes: Analyzing Malware To Understand the Cybercriminal

In our latest episode of Security Masterminds, we have the pleasure of interviewing Roger Grimes, Data-Driven Defense Evangelist for KnowBe4, who has held various roles throughout his ...
Continue Reading

QBot Malware Attacks Use SVG files to Perform HTML Smuggling

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows.
Continue Reading

Microsoft Warns of Signed Drivers Being Used to Terminate AV and EDR Processes

The malicious abuse of several developer program accounts in Microsoft’s Windows Hardware Developer Program allowed threat actors to have malware evade detection.
Continue Reading

New Polymorphic Wiper Malware Leaves Attacked Environments “Unrecoverable”

As an apparent method of political commentary on the war in Ukraine, the new Azov wiper uses a mix of intermittent overwriting and trojanizing Windows binaries to annihilate its’ victims.
Continue Reading

XLL Files Used to Deliver Malware

Attackers are using XLL files to embed malicious code in Office documents, according to researchers at Cisco Talos. Microsoft is phasing out the ability to execute VBA macros in Office ...
Continue Reading

Interest in Infostealer Malware Within Cyberattacks Spikes as MFA Fatigue Attacks Increase

New analysis of dark web forums shows an increase in discussions around the use of infostealer malware as part of both the first attack within a campaign or as part of an initial access ...
Continue Reading

Archives Overtake Office Documents as the Most Popular File Type to Deliver Malware

Taking the lead over the use of Word, Excel, PDF, and other office-type documents in attacks, new data shows that files like ZIP and RAR have grown in popularity by 11% last quarter.
Continue Reading

Gaming-Related Phishing Trends

Researchers at Kaspersky have found that the vast majority of gaming-related malware lures are targeted at Minecraft players. Roblox came in at a distant second, and the researchers note ...
Continue Reading

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The ...
Continue Reading

Malvertising With Google Ads

Researchers at Malwarebytes warn that a large malvertising campaign is exploiting Google ads to redirect users to phishing sites.
Continue Reading

[Heads Up] The Ukraine War Started A New Wiper Malware Spillover Risk

The war in Ukraine increases the risk of wiper malware to spill over. I'm sure you remember NotPetya, which caused billions of dollars of downtime damage. The WSJ reports that Symantec ...
Continue Reading

8 New Malware Payloads Spotted As Part of Attacks Against Ukrainian Targets

Security Threat Researchers at Symantec have published details about malware being put out by the “Gamaredon” threat group (who have been tied to Russian Federal Security Service), ...
Continue Reading

Dark Web Service Sells Access to Compromised Accounts and Browser Sessions

When we hear about compromised credentials, there’s always the question of “How are they used post-compromise?” In one case, they are fully on display for sale to the highest bidder.
Continue Reading

Malicious Office Documents Jump to 37% of All Malware Downloads at the End of 2021

With the ubiquitous use of Microsoft Office today, it should come as no surprise that malicious macro-laden documents continue to reign, with PPT files delivering AgentTesla taking the ...
Continue Reading

Ingenious New Attack Technique Uses Windows Store to Install Malware

Just when you thought threat actors couldn’t find another way to launch a dropper, a new method has surfaced that takes advantage of native functionality found in Windows 10.
Continue Reading

New Dangerous and Persistent "Metamorphic" Malware Strain Called Tardigrade

Michael Kan at PCMag reported on this new strain of Windows malware.  It can constantly adapt to avoid detection and was first found targeting the biotech industry, including the ...
Continue Reading

Google Ads Abused to Deliver Malware

Cybercriminals are using malicious Google Ads to deliver the ZLoader banking Trojan, ZDNet reports. Researchers at Microsoft stated on Twitter that attackers are purchasing Google Ads ...
Continue Reading

CISA Publishes Darkside Malware Analysis Report and Updated Best Practice Guidance Against Ransomware

New details provide valuable insight into exactly how Darkside works to compromise and encrypt systems, with valuable guidance to avoid becoming a victim of ransomware.
Continue Reading

Phishing Campaign Uses Novel Technique to Deliver Malware

Researchers at McAfee warn that a phishing campaign is delivering malware via Word documents that don’t contain any malicious code. When a user opens the document and enables content, the ...
Continue Reading

Get the latest about social engineering

Subscribe to CyberheistNews