Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - News & Analysis - MS Word Document Attacks On The Rise Says Report
News & Analysis

MS Word Document Attacks On The Rise Says Report

ISBuzz TeamBy ISBuzz TeamMarch 28, 20183 Mins Read
Share LinkedIn Twitter Facebook Copy Link Email
Start Considering an Endpoint Management Upgrade
Share
Facebook Twitter LinkedIn Email Copy Link
Quick AI Summary
ChatGPTClaudeGeminiGrokPerplexityDeepSeekCopilot

Macro-less Word Document Attacks on the Rise and Zero Day Malware Variants
Jump 167 Percent

  WatchGuard Launches Threat Landscape visualisation tool to better understand security threats

 Total malware attacks are up by 33 percent and cyber criminals are increasingly leveraging Microsoft Office documents to trick victims and deliver malicious payloads, according to the latest Internet Security Report from WatchGuard Technologies, based on global threat intelligence data from nearly 40,000 Firebox appliances.WatchGuard has also launched a new Threat Landscape data visualisation tool, giving public access to daily updates about the most prevalent computer and network security threats affecting SMBs and distributed enterprises.

Dynamic Data Exchange (DDE) attacks topped WatchGuard’s top-ten malware list as hackers increasingly exploited issues within the Microsoft Office standard to execute code. Also called ‘macro-less malware’, these malicious documents often use PowerShell and obfuscated script to get past network defences. Additionally, two of the top-ten network attacks involved Microsoft Office exploits, further emphasising the growing trend of malicious document attacks.

Overall, malware attacks grew significantly, while zero day malware variants jumped 167 percent. WatchGuard Fireboxes blocked over 30 million malware variants in Q4 2017, which was a 33 percent increase over the previous quarter. Out of the total threats prevented, the subset of new or zero day malware instances rose steeply by 167 percent, compared to the previous quarter. These increases can likely be attributed to heightened criminal activity during the holiday season.

 

“After a full year of collecting and analysing Firebox Feed data, we can clearly see that cyber criminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data,” said Corey Nachreiner, chief technology officer at WatchGuard Technologies. “Although these criminal tactics may vary over time, we can be certain that this broad trend will persist, so the risks have never been greater for small and midsize organisations with less IT and security resources. We encourage businesses of all sizes to proactively mitigate these threats with layered security services, advanced malware protection andemployee education and training in security best practices.”

The report also shows that nearly half of all malware detected eluded basic antivirus (AV) solutions. WatchGuardFireboxes block malware using both legacy signature-based detection techniques and a modern, proactive behavioural detection solution – APT Blocker – which provides advanced malware protection by catchingmalware variants missed by legacy AV signatures. This zero day malware accounted for 46 percent of all malware in Q4. This level of growth suggests criminals are using more sophisticated evasion techniques capable of slipping attacks past traditional AV services, which further underscores the importance of behaviour-based defences.

 

Script-based attacks caught by signatures for JavaScript and Visual Basic Script threats, such as downloaders and droppers, accounted for 48 percent of top malware detected in Q4. Users should take note of the continued popularity of these attacks and watch out for malicious script in web pages and email attachments of any kind.

The full Internet Security Report features evaluations of the quarter’s most pervasive malware and network attacks, recommendations for useful defensive strategies in today’s threat landscape, and a detailed breakdown of “the Krack Attack” – one of the top information security issues in 2017.

Additionally, the report includes a new research project from the WatchGuard Threat Lab, which analyses a database of more than 1 billion stolen password records to stress just how often users choose weak passwords and re-use credentials across multiple accounts. This quarter’s conclusions are based on anonymised Firebox Feed data from nearly 40,000 active WatchGuard Fireboxes worldwide, which blocked more than 30 million malware variants (783 per device) and 6.9 million network attacks (178 per device) in Q4 2017.

ISBuzz Team
  • ISBuzz Team
    Air Canada Data Breach: BianLian Extortion Group Claims A Massive Heist Contrary To Airline’s Earlier Statement
  • ISBuzz Team
    Unprecedented DDoS Attack Rocks The Web: Tech Giants Reveal A Digital Tsunami
  • ISBuzz Team
    CISA Flags High-Severity Adobe Acrobat Reader Flaw Amid Active Exploits
  • ISBuzz Team
    Curl Security Alert: Patching A Critical Bug Averting Potential Cyber Catastrophe

The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Share. Facebook Twitter LinkedIn Email Copy Link

Related Posts

Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground

May 20, 20265 Mins Read

Security’s Blind Spot: The Threats Hiding in “Low-Severity” Alerts

May 6, 20265 Mins Read

Why OSINT deserves the same status as other intelligence disciplines

March 17, 20266 Mins Read
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}