Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    [ZERO DAY ALERT] Ransomware Targets MS Office 365 Users

    Cerber Ransomware Macros Document

    Apparently, MS Office 365 built-in security tools are not cutting it.  A new strain of the Cerber Ransomware is now targeting MS Office 365 email users with a massive zero-day attack that has the ability to bypass Office 365's built-in security tools.

    A new report released by cloud security provider Avanan shows a massive zero-day attack targeting Office 365 users with phishing emails having malicious file attachment payloads.

    In a Deja Vu moment, -- this is getting old very fast -- Cerber uses social engineering to trick users to allow macros, just like the recent Locky and Dridex attacks. 

    While Avanan did not specify the exact number of users possibly hit by the ransomware, Microsoft reported in its first quarter 2016 that there are almost 18.2 Million Office 365 subscribers. Although Cerber originally emerged in March, the malware campaign targeting Office 365 users began on June 22. However, Microsoft started blocking the malicious file attachment on June 23, but as we all know that is a game of whack-a-mole and the bad guys have the advantage.

    "While difficult to precisely measure how many users got infected," Avanan estimated that "roughly 57 percent of organizations using Office 365 received at least one copy of the malware into one of their corporate mailboxes during the time of the attack."

    The Cerber ransomware strain is a weird one. It not only encrypts user files and displays a ransom note, but also takes over the user's audio system to read out its ransom note informing them that their files were encrypted.

    What To Do About It 

    • Weapons-grade backups are rule #1 
    • Disable Macros in your MS Office programs
    • Step end-users through effective security awareness training
    • And here are 8 other things you can do

    Since phishing has risen to the #1 malware infection vector, and attacks are getting through your filters too often, getting your users effective security awareness training which includes frequent simulated phishing attacks is a must

    KnowBe4's integrated training and phishing platform allows you to send attachments with Word Docs with macros in them, so you can see which users open the attachments and then enable macros!

    See it for yourself and get a live, one-on-one demo.

    Request A Demo

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://info.knowbe4.com/kmsat-request-a-demo

     

     

    Return To KnowBe4 Security Blog

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews