My TechDecisions

Search Results: emotet

XorDdos, Linux DDoS Trojan

Emotet Pivots From Office Macros to OneDrive URLs and PowerShell, Security Researchers Warn

With Microsoft taking action preventing the malicious use of Office macros, the Emotet operators are turning to OneDrive URLs and PowerShell.

April 27, 2022 Zachary Comeau Leave a Comment

Notorious botnet Emotet is reportedly testing out new attack methods that bypass new Microsoft protections against Macros in Office documents and leverage OneDrive URLs and PowerShell. The Emotet botnet began its reemergence in November 2021 after its January 2021 takedown by a multinational coalition of law enforcement, with the group associated with the botnet targeting […]

Read More

Dialpad Wins Overall Remote Tech Solution of the Year From RemoteTech Breakthrough

June 24, 2021 TechDecisions Staff Leave a Comment

RemoteTech Breakthrough recognizes Dialpad’s Innovation in Global Remote Technology SAN FRANCISCO–(BUSINESS WIRE)–Dialpad Inc., the industry leader in AI-powered communication and collaboration, today announced it has been awarded the Overall Remote Tech Solution of the Year presented by RemoteTech Breakthrough, a leading independent market intelligence organization. The award recognizes the world’s best technology companies, products and […]

Read More
Emotet

Multinational Law Enforcement Officials Take Down Notorious Emotet Botnet

An international group of law enforcement officials have announced a large operation to take down the infrastructure of the malware and botnet Emotet.

January 29, 2021 Zachary Comeau Leave a Comment

An international group of law enforcement officials, including the U.S. Department of Justice and Europol, have announced a large operation to take down the infrastructure of the malware and botnet Emotet. European authorities on Tuesday said they seized control of Emotet, one of the most notorious distributors of malware and hacking-as-a-service operations that has affected […]

Read More
CISO Burnout

Cybersecurity Burnout Persists as Attack Landscape Shifts

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware report.

August 8, 2022 Zachary Comeau Leave a Comment

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware’s new Global Incident Response Threat Report. The Palo Alto, Calif.-based company’s report, issued during Black Hat USA 2022, details how the “ceaseless wave of cyberattacks,” pandemic disruptions and a constantly shifting threat landscape is causing nearly 47% […]

Read More
Microsoft Office Symbols

With Microsoft Office Macros Blocked by Default, Hackers are Using Other Techniques

New Proofpoint research show how threat actors are adapting to Microsoft blocking Office macros by default by leveraging other file types.

July 29, 2022 Zachary Comeau Leave a Comment

After pausing the rollout of a default macro-blocking feature in Microsoft Office, Microsoft is now officially blocking VBA macros by default in Office applications in a move to make it harder for threat actors to deploy malware and ransomware using Office applications. Microsoft first announced the VBA macro blocking in February 2022, just a few […]

Read More
Microsoft macros

Microsoft Temporarily Rolls Back Default Office VBA Macros Blocking

Citing feedback, Microsoft is temporarily reversing its rollout of a feature that blocks VBA macros in Office apps by default.

July 11, 2022 Zachary Comeau Leave a Comment

Update July 11: In an update to the original blog post announcing the blocking of VBA macros by default, Microsoft said the rollback is temporary while additional changes are made to enhance visibility.  “This is a temporary change, and we are fully committed to making the default change for all users,” Microsoft says in the […]

Read More
NCC group Ransomware

WatchGuard: Ransomware on Pace for Record Year

WatchGuard Technologies says ransomware detections doubled the total number of detections for all of 2021 in just the first quarter.

June 28, 2022 Zachary Comeau Leave a Comment

Despite increased law enforcement pressure on the ransomware industry and an IT community that has never been more aware of the ransomware threat, ransomware detections had already doubled the total number of detections for all of 2021 in just the first quarter, according to a new report from WatchGuard Technologies. The cybersecurity firm’s researchers say […]

Read More
WatchGuard Report

Report: Advanced Threats Detected Rise 33% in Q4

WatchGuard Technologies' Internet Security Report finds that attacks are increasing and a 2018 Office exploit is being exploited.

April 7, 2022 Zachary Comeau Leave a Comment

If the fourth quarter for 2021 is any indication, 2022 will be another year that cybersecurity and IT professionals would want to forget, as advanced network attacks increase by 33% in the fourth quarter, indicating a higher level of zero day threats than ever before, reports WatchGuard Technologies. In a new analysis of the fourth […]

Read More
Microsoft Defender Antimalware engine

The Qakbot Malware Now Interjects Itself Into The Middle of Email Conversations

Qakbot uses other compromised accounts to interject itself in the form of a reply-all email that includes a link to download malicious files.

March 11, 2022 Zachary Comeau Leave a Comment

The notorious and heavily distributed email-borne malware Qakbot is now being spread via a new technique: inserting malicious replies into the middle of existing email conversations. According to cybersecurity firm Sophos, Qakbot uses the compromised accounts of other infected victims to interject itself in the form of a reply-all message that includes a short sentence […]

Read More
XorDdos, Linux DDoS Trojan

Microsoft Temporarily Disables Exploited MSIX Protocol Handler

Microsoft disabled the MSIX ms-appinstaller protocol and is working on a fix after a bug was discovered that allows attackers to spoof App Installer.

February 7, 2022 Zachary Comeau Leave a Comment

Microsoft says that it has disabled the MSIX ms-appinstaller protocol and is working on a fix after a security bug was discovered that allows an attacker to spoof App Installer. According to a Microsoft Tech Community blog, an attacker could spoof App Installer to install a package that a user did not intend to install. […]

Read More