-
-
A Breakdown of Singapore’s Notice on Cyber Hygiene
In mid-2019, leadership from The Monetary Authority of Singapore announced a Notice on Cyber Hygiene that imposes cybersecurity regulations on Singapore’s financial institutions, including but not limited to banks, insurance brokers, financial advisors, and e-payment companies. The Notice on Cyber Hygiene goes into effect on August 6, 2020 for the purpose of strengthening the security…
-
File-Borne Attacks: Spearphishing Campaigns Target the Oil & Gas Industries
In recent months, there has been a significant uptick in malicious campaigns directed at companies within healthcare, financial services, critical infrastructure, among others. In fact, research indicates that hacking and phishing attacks rose over six-times their typical level in March. According to government intelligence agencies, the trend still continues today. One illustrative example is the…
-
Avoid getting bitten by a NetSupport Manager RAT
On May 19, Microsoft warned of a massive phishing scam that takes advantage of the COVID-19 pandemic by luring unsuspecting users into opening legitimate-looking Excel files that contain malicious macros. These malicious macros utilize VBA programming in Microsoft Office macros to inject a user’s system with malware. Cybercriminals have tapped into this simple and inexpensive…
-
Webinar: How FedEx, UPS & DHL Customers were Tricked by an Advanced Phishing Campaign
-
Image Steganography Example: How I Created an Attack
A cyber attack using image steganography techniques refers to the practice of cybercriminals hiding malicious code within an innocent-looking image file.
-
How Hackers use Image Steganography to Hide Malware and What You can Do to Stop Them
Cybersecurity demands constant vigilance; hackers are constantly expanding their arsenal of threats and are even revitalizing old attack methods. One old-school threat that has reappeared in a more sophisticated form is image steganography. What is image steganography? Image steganography refers to the practice of hiding code within an innocent-looking image. Cybercriminals have harnessed this effective…
-
Anatomy of a Well-Crafted UPS, FedEx, and DHL Phishing Email During COVID-19
What happened: Votiro’s Research Team has discovered a malicious macro that delivers a Dridex trojan payload hiding in Microsoft Excel spreadsheets delivered via phishing emails appearing to be from UPS, FedEx, and DHL. The Excel spreadsheet includes an obfuscated macro that launches PowerShell in hidden mode and downloads the payload from geronaga.com, a website that…
-
Malware Sandbox Evasion Using VBA Macros: How it Works
The sandbox – an isolated testing environment where a file or program from untrusted sources can be executed – is a common method of cyber-defense for many networks. The sandbox is designed to ensure that if a program or file is malicious, it will be discovered and blocked without compromising organizational security. Sandboxing is also…
