Results for social engineering

Industry Trends

Threat Intelligence Roundup September 09, 2016

This is our third week of the roundup, and things in the cyberthreat world continue to be interesting, including the return of several attacks we have seen for years. Here’s a quick summary of what happened this week. 1. It’s Still About Ransomware. While last week’s spike seems to have calmed down, we are still seeing an alarming amount of ransomware. This week our top 10 detections were all Javascript-based variants of Nemucod, with nearly 7 million attempts logged. It seems like attackers are producing a new Nemucod variant...

By Bill McGeeSeptember 09, 2016

Threat Research

Hack in Paris 2015

It was my first time at Hack in Paris, with a single track of talks, but definetely good ones. I'll be highlighting below what struck me the most. You don't hear me but your phones voice interface does (José Lopes Esteves, Chaouki Kasmi) It is possible to inject signal to voice control systems on a phone. That signal, although it won't sound like a voice to human beings - will be interpreted by the voice control system and can be used to remotely command the phone. The authors showed a video where the injected signal...

By Axelle ApvrilleJune 23, 2015

Threat Research

Dridex’s Macro Downloader

Modern malware use every possible vector of attack to infect a system. Emails, which are available to almost everyone, are common carriers. In this type of attack, attackers try to lure users to open malicious attachments that look like documents, but have multiple file extensions, such as “financial.doc.exe”. Most of the time, the user only sees the “financial.doc” filename without the ".exe" extension, which makes it easy to assume that it is a Microsoft Word document. Once the file is clicked and executed, the...

By Raul AlvarezApril 29, 2015

Threat Research

Old, but New – An Analysis of Recent VBA Macros

In early November, we experienced an influx of Microsoft Word documents that contained malicious macros. Just when the computer security industry was on the verge of forgetting these oldies, they rose to life once again, proving that they’re not allowing themselves to be eliminated that easily. In June, Ruhai Zhang warned of macro threats that continue to spread, particularly those that use Microsoft Excel. In this blog post, I will go over a family of Microsoft Word macros, detected as WM/Agent!tr, that I have encountered in the past couple...

By Sousan YazdiJanuary 06, 2015

Threat Research

Long Live Macro Threats!

Whenever we refer to macro threats, we are reminded of those malicious macros in the old days which infect Microsoft Office documents. Contrary to popular belief, macro threats haven't completely disappeared. Even with many new security features added to Microsoft Office and even with the improvement of people's security consciousness, macro threats still continue to persist. These new macro threats, however, have changed their role from being infectors into droppers that could decrypt/decode/drop/execute the payload. In this way, the payload...

By Ruhai ZhangJune 16, 2014

Industry Trends

Mission Facebook: Three Attack Weapons

When Facebook broke all records with its $100 billion IPO, security experts wondered if the news would make it an even bigger target for hackers. But let’s face it, with the world’s largest social network climbing toward a billion users—around one seventh of the global population—it’s a pretty safe bet that it was already wearing a big red X on its back. According to popularity service, Facebook is the second most visited site, after Google and before YouTube, putting it prominently in the line of fire for cybercriminals. And...

By Stefanie HoffmanJune 15, 2012

Threat Research

Targeting next generation users on social networks

While the next generation of tech has arguably arrived, it is simply a fact now that social networking sites and the blogosphere have become an integrated part of many peoples lives - some may even call them home (at least to their browsers). In 2008, we predicted the wave of spam that would hit these "Web 2.0" platforms as it was a natural target for spam to migrate to after years of living inside of mass mailers. Indeed, throughout the year of 2008 we witnessed a barrage of attacks on these sites: malicious social applications, "Spam 2.0", worms...

By Derek MankyJune 18, 2009

Threat Research

March Threat Landscape Report: Virut, Conficker and social engineering

Our March 2009 Threat Landscape Report is now available, recapping a month of threat activity from exploits and malware, to spam. Here are some key movements from the report along with comments: After a year long battle, W32/Virut.A finally lands in top spot - surpassing Netsky. This parasitic file infector proves to be quite virulent, and has generated enough activity to land in our malware top 10 for twelve solid months. On top of infecting multiple local files on a PC, the virus can spread through file shares and/or removable media such as USB...

By Derek MankyMarch 27, 2009