Emotet Malware Actively Exploiting MS Office


Emotet Malware Actively Exploiting MS Office With Bogus IRS Documents
The notorious Emotet malware is back, this time emailing malware embedded in Microsoft Office documents disguised as an IRS W-9 tax form. This iteration of Emotet uses Microsoft OneNote files with embedded scripts to install the Emotet malware once clicked.

Once installed, Emotet steals emails and other confidential data from the user's system. There have been recorded instances where the stolen emails were used in reply-chain attacks, in which legitimate emails are hijacked to manipulate recipients into clicking on and installing the malware. This is how the attackers expand their network of controlled systems.

Emotet-controlled systems have also been known to be sold to ransomware gangs, which siphon off information and then install ransomware to lock up the system.

Acreto addresses Emotet-style challenges by empowering customers to allow specific file types while blocking all else. For example, a customer can allow image files and PDFs while preventing every other file type, including executables (.EXE, .BAT), Office files (.DOC, .XLS, .PPT, etc.), and even newer lures such as screensavers (.SCR). This offers the protection of a positive security model while being very easy to deploy.
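The difference between the positive model described above and the more common block list can be made concrete with a small attachment filter. This is an added illustration, not Acreto's code; it assumes attachments are classified purely by their final file extension, and the sample filenames are constructed for the example. The point it shows is that a block list of the well-known risky types lets a OneNote attachment (.one), the lure used by this Emotet campaign, straight through, whereas the allow list blocks it without needing to know about it.

```python
import os

# Positive security model: only these attachment extensions pass.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif", ".pdf"}

# Negative security model for comparison: the risky types named in the text.
BLOCKED_EXTENSIONS = {".exe", ".bat", ".doc", ".xls", ".ppt", ".scr"}


def extension_of(filename: str) -> str:
    """Lower-cased final extension, so 'W-9.pdf.one' classifies as '.one'."""
    return os.path.splitext(filename.strip().lower())[1]


def allowlist_verdict(filename: str) -> str:
    """Positive model: anything not explicitly allowed is blocked."""
    return "allow" if extension_of(filename) in ALLOWED_EXTENSIONS else "block"


def blocklist_verdict(filename: str) -> str:
    """Negative model: anything not explicitly blocked is allowed."""
    return "block" if extension_of(filename) in BLOCKED_EXTENSIONS else "allow"


# Constructed sample attachment names, including a OneNote lure and a
# double-extension trick; none are taken from a real message.
SAMPLE_ATTACHMENTS = [
    "W-9 Form.one",      # OneNote lure: not on the block list
    "invoice.pdf",       # benign document
    "photo.JPG",         # upper-case extension
    "W-9.pdf.exe",       # double extension, final part is executable
    "setup.scr",         # screensaver executable
    "README",            # no extension at all
]


def compare(filenames):
    """Return (name, allowlist verdict, blocklist verdict) for each attachment."""
    return [(f, allowlist_verdict(f), blocklist_verdict(f)) for f in filenames]


def disagreements(filenames):
    """Attachments the block list would admit but the allow list rejects."""
    return [f for f, a, b in compare(filenames) if a == "block" and b == "allow"]


if __name__ == "__main__":
    for name, allow_v, block_v in compare(SAMPLE_ATTACHMENTS):
        print(f"{name:15} allowlist={allow_v:5} blocklist={block_v}")
    print("admitted only by the block list:", disagreements(SAMPLE_ATTACHMENTS))
```

Running it shows the OneNote file and the extension-less file slipping past the block list while both models agree on the executables. An extension-only check is still just a first gate; a deployment would normally also inspect the file's actual content type, which this example does not attempt.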

Below is a sample of an email carrying the malicious Emotet malware.


Gordon Moore Passed Away at 94
The Intel co-founder Gordon Moore passed away peacefully this past weekend at the age of 94, leaving behind a legacy that forever changed technology. Moore's Law, named after him, is the observation that the number of transistors in an integrated circuit (IC) doubles about every two years.

Twitter Turns Off 2FA Amidst Code Leak
Coming off of a highly publicized leak of Twitter's source code, Twitter has decided that only paying customers deserve 2FA via SMS. This is yet another questionable choice that leaves both Twitter and its users at higher risk.


About Acreto

Acreto delivers full-stack cybersecurity without products, logistics or significant security expertise. It creates and consolidates the best of cybersecurity into a single plug-and-play platform with automated updates to stay ahead of threats. Acreto activates enterprise-grade security instantly, so organizations can run safely, easily, and without interruption.

About The Author: Acreto Threat Labs

Interested in seeing Acreto SASE+Plus in action? Let's start with some basic information.