Microsoft Office - Security Intelligence

Man using a desktop computer: macro malware

article

How to Fight Back Against Macro Malware

Per X-Force IRIS, at least 22 percent of reported campaigns in April 2019 delivered macro malware. What methods can defenders leverage to help detect malicious macro activity?

May 20, 2019 | By Megan Roddie

article

news

Updated Version of KPOT Stealer Available for Purchase on Underground Hacking Forums

Researchers observed cybercriminals selling an updated version of the KPOT stealer on some underground hacking forums.

May 14, 2019 | By David Bisson

news

news

Retefe Banking Trojan Returns With Smoke Loader as Its Intermediate Loader

The Retefe banking Trojan has resumed its activity with a new series of attack campaigns that leverage Smoke Loader as an intermediate loader.

May 7, 2019 | By David Bisson

news

Man working on a laptop in the office: TA505

news

New TA505 Phishing Campaign Using LOLBins to Distribute Backdoor Malware

A threat actor known as TA505 recently launched a phishing campaign that uses living-of-the-land binaries (LOLBins) to distribute a new backdoor malware.

April 29, 2019 | By David Bisson

news

Security professional reading about the latest malware threats: malware

news

Web Servers Used to Host 10 Malware Families Distributed via Phishing Emails

Digital attackers used more than a dozen web servers to host 10 malware families and distributed those threats using phishing emails.

April 9, 2019 | By David Bisson

news

Professional working on a laptop in the office targeted with Ursnif banking malware

news

Threat Actor Targets Japanese Users With New Ursnif Variant

Security researchers discovered an attack campaign targeting Japanese users with a new variant of Ursnif banking malware.

March 13, 2019 | By David Bisson

news

Woman checking email on mobile device as laptop starts up: qakbot malware

news

Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware

Researchers discovered Geodo botnets using a new spam campaign to deliver samples of Qakbot malware.

February 6, 2019 | By David Bisson

news

Woman working on laptop in a coffee shop: lcg kit

news

LCG Kit Document Builder Now Using Microsoft Word Macros to Install Malware Payloads

A weaponized document builder service known as LCG Kit added the ability to use Microsoft Word macros to load the necessary shellcode for installing malware.

December 20, 2018 | By David Bisson

news

Illustration of menacing birds flying over a computer monitor: Hawkeye keylogger

news

Threat Actors Exploit Equation Editor to Distribute Hawkeye Keylogger

A recent Hawkeye keylogger campaign leveraged an old Microsoft Office Equation Editor vulnerability to steal user credentials, passwords and clipboard content.

November 15, 2018 | By Douglas Bonderud

news

A password field on a laptop screen: Agent Tesla

news

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware

A new attack campaign is using Rich Text Format (RTF) files to distribute the Agent Tesla Trojan along with other malware.

October 26, 2018 | By David Bisson

news

Fake Android Apps Steal Cryptocurrency Credentials With 2FA Bypass Technique

TCP SACK Panic Flaw Could Compromise Production Linux Machines

Free Decryption Tool Enables Victims of GandCrab Ransomware to Recover Their Files

Outlaw Threat Group Using Botnet to Distribute Monero Miner, Perl-Based Backdoor

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Industrial Control Systems Security: To Test or Not to Test?

Critical RCE Vulnerability in TP-Link Wi-Fi Extenders Can Grant Attackers Remote Control

One Big Lesson From the Cyber Range to Help Solve Confirmation Bias

Observations of ITG07 Cyber Operations

Getting Quantum Ready and What This Means for Cryptography

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Podcast: Travel Security: Why Data Safety Doesn’t Get a Day Off

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Digital Identity Trust at Cyber Week 2019 – Tel Aviv, Israel

Webinar: IBM i2 User Group Webinar: Advance Your Existing i2 Capabilities

Tag: Microsoft Office

How to Fight Back Against Macro Malware

Updated Version of KPOT Stealer Available for Purchase on Underground Hacking Forums

Retefe Banking Trojan Returns With Smoke Loader as Its Intermediate Loader

New TA505 Phishing Campaign Using LOLBins to Distribute Backdoor Malware

Web Servers Used to Host 10 Malware Families Distributed via Phishing Emails

Threat Actor Targets Japanese Users With New Ursnif Variant

Geodo Botnets Using New Spam Campaign to Deliver Qakbot Malware

LCG Kit Document Builder Now Using Microsoft Word Macros to Install Malware Payloads

Threat Actors Exploit Equation Editor to Distribute Hawkeye Keylogger

New Campaign Uses RTF Files to Drop Agent Tesla Trojan and Other Malware