FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file.
The attacker uses a multi-stage malware strategy to deliver the notorious “Cobalt Strike” payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful payload delivery. Over the past few years, Ukraine has been a significant target due to its geopolitical situation. The history of these attacks reveals a pattern of increasing complexity and frequency, particularly during periods of geopolitical tension.
Read more…
Source: Fortinet
Related:
- UK Manufacturers Top Attack Target For Cyber Crooks
May 8, 2018
Manufacturing was the sector most attacked by cyber-criminals in the UK last year, a report from NTT Security has found, mirroring warnings from other agencies including the UK’s National Cyber Security Centre (NCSC) . The firm’s Global Threat Intelligence Report 2018 found that finance was the most targeted sector worldwide, accounting for 26 percent of attacks, including ...
- Incoming: Airborne Cyber Attacks No Longer the Stuff of Sci-Fi
April 19, 2018
From RSA: The prospect of virus-like cyberattacks spreading over the air may sound like science fiction but it’s shaping up to be the next major field of battle with hackers One if by land. Two if by sea. How about Three by airborne internet attack? CISOs will soon need to protect their organizations from virus-like cyber attacks ...
- Retail sector top cyber attack target
April 5, 2018
The retail sector suffered the most breach incidences (16.7%) in 2017 as attackers became more organised, the latest Trustwave security report shows. The retail sector was followed by the finance and insurance industry(13.1%) and hospitality (11.9%), according to the 2018 Trustwave global security report, which is based on the analysis of billions of security events worldwide, hundreds ...
- Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks
April 4, 2018
After a cyberattack shut down numerous pipeline communication networks this week, experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments. Over the past two days, various major U.S. pipelines across the country reported data system blackouts after a third-party electronic communication system was attacked. That electronic data interchange ...
- Energy Transfer Says ‘Cyber Attack’ Shut Pipeline Data System
April 3, 2018
A cyber attack that hobbled the electronic communication system used by a major U.S. pipeline network has been overcome. Energy Transfer Partners LP was confident that, after 6 p.m. New York time on Monday, files could safely be exchanged through the EDI platform provided by third-party Energy Services Group LLC, the pipeline company said in a notice. ...
- FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign
March 26, 2018
The United States Department of Justice announced charges against nine Iranians accused of stealing private data from U.S. universities, private companies and U.S. government agencies. FBI Deputy Director David Bowdich said in a statement that the state-sponsored hackers worked for more than four years to steal expensive science and engineering-related research, company trade secrets, and sensitive U.S. government ...

