FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file.
The attacker uses a multi-stage malware strategy to deliver the notorious “Cobalt Strike” payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful payload delivery. Over the past few years, Ukraine has been a significant target due to its geopolitical situation. The history of these attacks reveals a pattern of increasing complexity and frequency, particularly during periods of geopolitical tension.
Source: Fortinet