Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?
The Retefe banking Trojan has resumed its activity with a new series of attack campaigns that leverage Smoke Loader as an intermediate loader.
A threat actor known as TA505 recently launched a phishing campaign that uses living-off-the-land binaries (LOLBins) to distribute a new backdoor malware.
Researchers spotted the operators of the Aggah campaign exploiting Bit.ly, BlogSpot and Pastebin to spread variants of the RevengeRAT malware in the Middle East, Asia, Europe and the U.S.
Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.
Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.
Researchers discovered Geodo botnets using a new spam campaign to deliver samples of Qakbot malware.
A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.
Analysts discovered a new spear phishing attack campaign from the SNAKEMACKEREL group that uses fake Brexit-related documents to infiltrate major government agencies and steal information.
New macro downloaders are sandwiching spam and .PUB files to compromise businesses in the food and retail sector.