My TechDecisions

Search Results: emotet

3CX Supply Chain Attack

Emotet Pivots From Office Macros to OneDrive URLs and PowerShell, Security Researchers Warn

With Microsoft taking action preventing the malicious use of Office macros, the Emotet operators are turning to OneDrive URLs and PowerShell.

April 27, 2022 Zachary Comeau Leave a Comment

Notorious botnet Emotet is reportedly testing out new attack methods that bypass new Microsoft protections against Macros in Office documents and leverage OneDrive URLs and PowerShell. The Emotet botnet began its reemergence in November 2021 after its January 2021 takedown by a multinational coalition of law enforcement, with the group associated with the botnet targeting […]

Read More
Cybersecurity testing, penetration testing, cyber threats

Is Your Organization Testing Against the Right Cyber Threats?

New research shows that organizations are testing against cyber threats in the headlines rather than attacks they're more likely to face.

April 12, 2023 Zachary Comeau Leave a Comment

Ransomware, supply chain attacks and nation-state threat actors have grabbed mainstream headlines in recent years, and organizations are largely recognizing that they must invest more in cybersecurity to defend against those emerging techniques. However, new research shows that some organizations are prioritizing defending against those trending, newsworthy threats at the expense of the threats actually […]

Read More
Tax day concept. Businessman using the laptop to fill in the income tax online return form for payment.

Best Practices on How to Avoid Phishing Scams Ahead of Tax Day

Learn how to protect yourself and your organization from tax scams ahead of the U.S. tax deadline with these best practices.

April 10, 2023 Steven Spadaccini Leave a Comment

With April’s U.S. tax deadline, cybercriminals have sprung into action. For one, a devious Emotet malware phishing campaign has been launched, masquerading as official W-9 tax form emails sent from the Internal Revenue Service (IRS). A malicious group known as Tactical#Octopus is also on the prowl and looking to spread malware through fake file downloads […]

Read More
Google Cybersecurity Certificate

BlackBerry: Cyberattacks Are Being Launched Once Every Minute

Threat actors are evolving to target a wide variety of systems and infrastructure, BlackBerry says in a new report.

January 25, 2023 Zachary Comeau Leave a Comment

A new report from BlackBerry reveals that threat actors are launching an attack about once every minute, with the resurgence of the Emotet botnet, phishing attacks and infostealers dominating the attack landscape. The Ontario-based intelligent security software and services provider’s first Global Intelligence Report on the fourth quarter of 2022 find that the company’s AI-driven […]

Read More
CISO Burnout

Cybersecurity Burnout Persists as Attack Landscape Shifts

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware report.

August 8, 2022 Zachary Comeau Leave a Comment

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware’s new Global Incident Response Threat Report. The Palo Alto, Calif.-based company’s report, issued during Black Hat USA 2022, details how the “ceaseless wave of cyberattacks,” pandemic disruptions and a constantly shifting threat landscape is causing nearly 47% […]

Read More
Microsoft 365 domain, cloud.microsoft

With Microsoft Office Macros Blocked by Default, Hackers are Using Other Techniques

New Proofpoint research show how threat actors are adapting to Microsoft blocking Office macros by default by leveraging other file types.

July 29, 2022 Zachary Comeau Leave a Comment

After pausing the rollout of a default macro-blocking feature in Microsoft Office, Microsoft is now officially blocking VBA macros by default in Office applications in a move to make it harder for threat actors to deploy malware and ransomware using Office applications. Microsoft first announced the VBA macro blocking in February 2022, just a few […]

Read More
Microsoft macros

Microsoft Temporarily Rolls Back Default Office VBA Macros Blocking

Citing feedback, Microsoft is temporarily reversing its rollout of a feature that blocks VBA macros in Office apps by default.

July 11, 2022 Zachary Comeau Leave a Comment

Update July 11: In an update to the original blog post announcing the blocking of VBA macros by default, Microsoft said the rollback is temporary while additional changes are made to enhance visibility.  “This is a temporary change, and we are fully committed to making the default change for all users,” Microsoft says in the […]

Read More
Microsoft Fortra healthcare ransomware

WatchGuard: Ransomware on Pace for Record Year

WatchGuard Technologies says ransomware detections doubled the total number of detections for all of 2021 in just the first quarter.

June 28, 2022 Zachary Comeau Leave a Comment

Despite increased law enforcement pressure on the ransomware industry and an IT community that has never been more aware of the ransomware threat, ransomware detections had already doubled the total number of detections for all of 2021 in just the first quarter, according to a new report from WatchGuard Technologies. The cybersecurity firm’s researchers say […]

Read More
China, Hacking, Microsoft, Routers, Volt Typhoon

Report: Advanced Threats Detected Rise 33% in Q4

WatchGuard Technologies' Internet Security Report finds that attacks are increasing and a 2018 Office exploit is being exploited.

April 7, 2022 Zachary Comeau Leave a Comment

If the fourth quarter for 2021 is any indication, 2022 will be another year that cybersecurity and IT professionals would want to forget, as advanced network attacks increase by 33% in the fourth quarter, indicating a higher level of zero day threats than ever before, reports WatchGuard Technologies. In a new analysis of the fourth […]

Read More
Atera ESET Integration

The Qakbot Malware Now Interjects Itself Into The Middle of Email Conversations

Qakbot uses other compromised accounts to interject itself in the form of a reply-all email that includes a link to download malicious files.

March 11, 2022 Zachary Comeau Leave a Comment

The notorious and heavily distributed email-borne malware Qakbot is now being spread via a new technique: inserting malicious replies into the middle of existing email conversations. According to cybersecurity firm Sophos, Qakbot uses the compromised accounts of other infected victims to interject itself in the form of a reply-all message that includes a short sentence […]

Read More