Following the LNK metadata trail

Adversaries’ shift toward Shell Link (LNK) files, likely sparked by Microsoft’s decision to block macros, provides the opportunity to capitalize on information that can be provided by LNK metadata. Cisco Talos analyzed metadata in LNK files and correlated it with threat actors’ tactics, techniques and procedures to identify and track threat actor activity. This report […]

Google ads increasingly pointing to malware

A month ago, the FBI warned the public about search engine ads pushing malware disguised as legitimate software – an old tactic that has lately resulted in too many malicious ads served to users searching for software, cracked software, drivers – anything that can be downloaded, really – via Google and Bing. The recent explosion […]

Threats that will dominate headlines in 2023

In this Help Net Security video, MacKenzie Jackson, Developer Advocate at GitGuardian, offers his cybersecurity predictions for 2032. These include: developers will be a priority target for hacking campaigns; doubling down on MFA bypass; source code security; more efforts to measure the software supply chain attack surface; open-source security will be front and center on […]

The most significant DDoS attacks in the past year

DDoS attacks are getting larger and more complex, moving towards mobile networks and IoT, which are now used in cyberwarfare. In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the most powerful DDoS attacks in the past 12 months.

Reported phishing attacks have quintupled

In the third quarter of 2022, APWG observed 1,270,883 total phishing attacks, making it the worst quarter for phishing that APWG has ever observed. The total for August 2022 was 430,141 phishing sites, the highest monthly total ever reported to APWG. Over recent years, reported phishing attacks submitted to APWG have more than quintupled since the […]

Threat predictions for 2023: From hacktivism to cyberwar

When it comes to 2023 threat predictions, Trellix anticipates spikes in geopolitically motivated attacks across Asia and Europe, hacktivism fueled by tensions from opposing political parties, and vulnerabilities in core software supply chains. “Analyzing current trends is necessary but being predictive in cybersecurity is vital. While organizations focus on near-term threats, we advise all to […]

Threat Spotlight: XLLing in Excel – threat actors using malicious add-ins

Microsoft is phasing out support for executing VBA macros in downloaded Office documents. Cisco Talos investigates another vector for introducing malicious code into Microsoft Excel—malicious add-ins, specifically XLL files. Although XLL files have been supported since early versions of Excel, including Excel 97, malicious actors started using them relatively recently. Currently, a significant number of […]

Ransomware predictions for 2023

In this Help Net Security video, Dave Trader, Field CISO at Presidio, talks about the evolution of ransomware attacks and outlines what we can expect in 2023. The lack of fundamental cybersecurity practices and controls, including critical vulnerability patching and employee cybersecurity training, undermines organizational attempts to improve ransomware defenses. A ransomware crisis leaves deep […]
