Attackers Leverage Excel File Encryption to Deliver …

Technique involves saving malicious Excel file as “read-only” and tricking users into opening it, Mimecast says. Researchers from Mimecast have recently observed a campaign where threat actors are using a somewhat rarely seen but easy method to distribute malware using Microsoft Excel’s standard file encryption capabilities. The tactic essentially involves…

read more

Microsoft Alerts Healthcare to Human-Operated …

Microsoft has notified dozens of hospitals with vulnerable gateway and VPN appliances in their infrastructure, which could put them at risk. Microsoft is alerting healthcare organizations to a rise in human-operated ransomware, which has been growing in frequency as attackers continue to take advantage of the COVID-19 crisis. These types…

read more

How Much Downtime Can Your Company Handle?

Why every business needs cyber resilience and quick recovery times. Cyber incidents in the past few years have captured the attention of business executives. The World Economic Forum’s “Global Risks Report 2020” cites cyberattacks among today’s top 10 business risks in terms of their likelihood of occurring and ability to…

read more

Cybercriminals’ Promises to Pause During Pandemic …

As pandemic worsens, online profiteering — from fraudsters to ransomware operators to cybercriminal hacking — continues unabated, despite some promises from the underground. Pandemics make for strange bedfellows. In mid-March, ransomware gangs claimed to be pausing operations against healthcare organizations for the duration of the coronavirus pandemic, following pleas from…

read more

New APT Targets Middle Eastern Victims

The new malware, dubbed “Milum,” can take control of industrial devices. A Trojan that gains remote control of devices has been identified and is being tracked by researchers with the Kaspersky Global Research and Analysis Team (GReAT). Dubbed “Milum,” the Trojan is being distributed in a campaign the researchers are…

read more

How Attackers Could Use Azure Apps to Sneak into …

Researchers warn Microsoft 365 account holders to pay attention to unknown applications that request permissions. Microsoft Azure applications could be weaponized to break into Microsoft 365 accounts, report researchers who are investigating new attack vectors as businesses transition to cloud environments. The Varonis research team encountered this vector while exploring…

read more