Malware

Microsoft's Macro Reversal Invites a Resurgence of Office Malware

In January 2022, Microsoft announced that Excel 4.0 macros would be restricted by default, to protect users from malicious macros. In February 2022, Microsoft announced that VBA macros would also be blocked for files downloaded from the internet. Cybersecurity professionals and enthusiasts rejoiced at the news! Malicious Office documents were running rampant. Attackers abused Microsoft Office macros to deliver BazarLoader and Trickbot, and remote access trojans like AveMaria and AgentTesla.

Callback Malware Campaigns Impersonate CrowdStrike and Other Cybersecurity Companies

Today CrowdStrike sent the following Tech Alert to our customers: On July 8, 2022, CrowdStrike Intelligence identified a callback phishing campaign impersonating prominent cybersecurity companies, including CrowdStrike. The phishing email implies the recipient’s company has been breached and insists the victim call the included phone number.

A Microsoft SharePoint Online feature could be the cause of the next ransomware attack

Microsoft SharePoint Online is one of the most widely used content management platforms. Unfortunately, Proofpoint recently discovered that threat actors can abuse a feature in SharePoint Online and OneDrive for Business to encrypt all of your files and hold them ransom.

4 Ways Your Passive Backups Can Drive Active Cyber Defense

Due to the proliferation of cloud-native environments, ransomware attacks have increased dramatically in recent years. Cybercriminals can access a variety of ransomware tools from anywhere in the world at a moment’s notice. This capability has produced an entire economy of Ransomware-as-a-service (RaaS). Despite significant investment in real-time infrastructure security tools, organizations are failing to quickly identify and recover from an attack.

WatchGuard EPDR certified by OPSWAT as Gold Anti-malware

WatchGuard has obtained OPSWAT's GOLD distinctive insignia as a certified provider, demonstrating that its applications are powerful, reliable, and efficient. Products that receive the OPSWAT GOLD certification, such as WatchGuard EPDR, are highly compatible with the industry's leading NAC and SSL-VPN solutions, such as Citrix Access Gateway, Juniper Host Checker, F5 FirePass, etc. Gold-certified products can be detected by these solutions, and some remediation and evaluation actions are supported.

Tales from the Dark Web: How Tracking eCrime's Underground Economy Improves Defenses

Cybercriminals are constantly evolving their operations, the methods they use to breach an organization’s defenses and their tactics for monetizing their efforts. In the CrowdStrike 2022 Global Threat Report, we examined how the frequency and sophistication of ransomware attacks have grown in the past year.