Security News

With Microsoft taking steps to block Excel 4.0 and Visual Basic for Applications macros by default across Office apps, malicious actors are responding by refining their new tactics, techniques, and procedures. In its place, adversaries are increasingly pivoting away from macro-enabled documents to other alternatives, including container files such as ISO and RAR as well as Windows Shortcut files in campaigns to distribute malware.

The United States' federal court system "Faced an incredibly significant and sophisticated cyber security breach, one which has since had lingering impacts on the department and other agencies." That quote comes from congressional representative Jerrold Lewis Nadler, who uttered them on Thursday in his introductory remarks to a House Committee on the Judiciary hearing conducting oversight of the Department of Justice National Security Division.

Cybersecurity threats keep evolving, meaning that most, if not all, organizations could be dangerously exposed as the digital ecosystem develops. While some organizations attempt to identify ways to lower their risk, there is no one-size-fits-all way to avoid the next attack - and for good reason.

Hackers who normally distributed malware via phishing attachments with malicious macros gradually changed tactics after Microsoft Office began blocking them by default, switching to new file types such as ISO, RAR, and Windows Shortcut attachments.VBA and XL4 Macros are small programs created to automate repetitive tasks in Microsoft Office applications, which threat actors abuse for loading, dropping, or installing malware via malicious Microsoft Office document attachments sent in phishing emails.

The legacy approach to attack surface management falls short of what modern organizations require: contextual awareness. Security teams increasingly suffer from threat intelligence sensory overload while still unable to achieve the visibility they need to protect the organization, its infrastructure, and mission critical digital assets.

Ransom DDoS attacks are carried out for extortion - the attackers promise to cease their attack upon receiving the ransom. According to Gcore, the number of such complex multivector attacks tripled in 2022 compared to the previous year.

The key takeaway is that digital growth in the financial industry is not stopping; therefore, cybersecurity teams will need ways to gain accurate, real-time visibility into their attack surface. Breach and attack simulation, or BAS, helps identify vulnerabilities by simulating the potential attack paths that a malicious actor might use.

The investigation relies on information mainly gathered by the US central bank regarding an internal probe of 13 persons of interest known as the P-network. Those individuals were allegedly part of a network engaged in a "Sustained malign influence and information theft campaign" targeting the Federal Reserve.

A strong account lockout policy is one of the most effective tools for stopping brute force authentication attempts on Windows domains. As an alternative, you can force an account lockout to remain in effect until an administrator unlocks the account by setting the account lockout duration value to 0.

The bloom is back on phishing attacks with criminals doubling down on fake messages abusing popular brands compared to the year prior. Microsoft, Facebook and French bank Crédit Agricole are the top abused brands in attacks, according to study on phishing released Tuesday.