Macro Malware - Security Intelligence

news

Aggah Campaign Using Bit.ly, BlogSpot and Pastebin to Distribute RevengeRAT

Researchers spotted the operators of the Aggah campaign exploiting Bit.ly, BlogSpot and Pastebin to spread variants of the RevengeRAT malware in the Middle East, Asia, Europe and the U.S.

April 23, 2019 | By David Bisson

news

A restaurant worker using a laptop: macro downloaders

news

New Macro Downloaders Use PUB Files to Compromise Food and Retail Companies

New macro downloaders are sandwiching spam and .PUB files to compromise businesses in the food and retail sector.

December 7, 2018 | By Douglas Bonderud

news

A businessman using a laptop: remote access Trojan

news

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

Researchers observed the TA505 threat group spreading a previously undocumented remote access Trojan (RAT) called tRaT.

November 20, 2018 | By David Bisson

news

Illustration of a laptop downloading a document: PDF attack

news

New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools

A PDF attack campaign conducted by the Cobalt Gang used a specially crafted document to evade dection by static analysis tools.

November 12, 2018 | By David Bisson

news

Illustration of images on a computer screen representing steganography.

news

NARWHAL SPIDER Uses Steganography to Deliver URLZone Malware in Cutwail Spam Campaign

A new Cutwail spam campaign is leveraging steganography — hiding data within images — to compromise devices and download URLZone.

November 7, 2018 | By Douglas Bonderud

news

A magician's hat and a hand holding a wand: TrickBot malware

news

Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection

The latest version of TrickBot malware leverages malicious macros to deliver stealthy code injection, fool users and compromise computers.

August 31, 2018 | By Douglas Bonderud

news

Illustration of a hand unlocking bitcoin access: cryptocurrency exchange

news

AppleJeus Trojan Targets Both Windows and MacOS in Attack Against Cryptocurrency Exchange

A recent attack against a cryptocurrency exchange planted a Trojan that spread across both Windows and MacOS machines to steal information and digital coins, according to security researchers.

August 30, 2018 | By Shane Schick

news

Upward view of skyscrapers and financial institutions on Wall Street: IQY files

news

Spammers Target Financial Institutions With IQY Files That Conceal New Downloader Malware

Spammers are targeting financial institutions using Excel Web Query (IQY) files that conceal a new downloader malware, according to security researchers.

August 24, 2018 | By David Bisson

news

Illustration of a hand holding a magnifying glass in front of a computer screen: remote access Trojan

news

Modular Remote Access Trojan Uses Sophisticated Techniques to Evade Detection

According to security researchers, a new modular remote access Trojan (RAT) is using several sophisticated techniques to fly under the radar of traditional detection solutions.

August 10, 2018 | By David Bisson

news

Illustration of a document being downloaded on a desktop computer screen: macro malware

news

New Encrypted Downloader Leverages Old-School Macro Malware to Gain Backdoor Access

According to a recent threat advisory, cybercriminals have combined a new encrypted downloader with old-school macro malware to gain backdoor access to victims' machines.

July 26, 2018 | By Douglas Bonderud

news

New DLL CryptoMix Ransomware Reportedly Using Remote Desktop Services for Installation

Aggah Campaign Using Bit.ly, BlogSpot and Pastebin to Distribute RevengeRAT

Belkin Wemo Zero-Day Vulnerability Could Leave the Door Open for IoT Attacks

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

How IBM X-Force IRIS Prepared for the Ukraine Election

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: The Ride-Along: Intelligence Analysis for Real Time Crime Centers

Webinar: Under the Radar: Live Webinar and Demo

Tag: Macro Malware

Aggah Campaign Using Bit.ly, BlogSpot and Pastebin to Distribute RevengeRAT

New Macro Downloaders Use PUB Files to Compromise Food and Retail Companies

TA505 Threat Group Distributes Previously Undocumented tRat Remote Access Trojan

New Cobalt Gang PDF Attack Avoids Traditional Static Analysis Tools

NARWHAL SPIDER Uses Steganography to Deliver URLZone Malware in Cutwail Spam Campaign

Latest Version of TrickBot Malware Uses Macro-Enabled Word Documents to Deliver New Stealth Code Injection

AppleJeus Trojan Targets Both Windows and MacOS in Attack Against Cryptocurrency Exchange

Spammers Target Financial Institutions With IQY Files That Conceal New Downloader Malware

Modular Remote Access Trojan Uses Sophisticated Techniques to Evade Detection

New Encrypted Downloader Leverages Old-School Macro Malware to Gain Backdoor Access