News broke earlier today that hackers have launched a new spam campaign, targeting the telecommunications, insurance and financial services industries. The campaign involves hackers using new Microsoft Office vulnerabilities to spread a potent backdoor malware called Zyklon, which can steal passwords, allow hackers to launch DDoS attacks and mine cryptocurrency, among other things.
“There’s no getting away from the levels of sophistication that cyber criminals are now using to underpin their nefarious activities. This latest report of vulnerabilities in Microsoft Office products being leveraged to install malware, which can be remotely controlled to deliver those attacks, may not be a surprise to many people.
“However, the flexibility and attack scale possible from such an army of compromised devices should be a significant concern. The possibilities for cryptocurrency abuse or the ability to generate large-scale DDoS attacks have significant revenue-generating potential for the cyber-criminals, at the expense of those trying to benefit from the broad opportunities the Internet affords.
“Ensuring your software is patched can help to keep you safe from attacks on your data or cryptocurrency, but the only way to ensure you are safe from external DDoS attacks generated by this malware is to ensure you have the latest real-time protection in place.”
“Clearly this is an infection that supports the urgency to keep systems patched with automated updates. Although a system might be protected against Zyklon, variants of malware are constantly being released in a zero-day fashion. These infections can lead to costly clean-ups. As a proactive measure, companies with Microsoft products deployed should be collecting network traffic flows from all routers and virtual servers to perform network traffic analysis in the event of a breach. Detecting and locating the source of the breach event quickly is of paramount importance. For example, Tor traffic, which is unusual on a network, can easily be found and stopped by looking at the traffic flow. Leveraging traffic analytics and adding context can lead to faster remediation and go a long way towards helping keep a company safe.”
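The flow-based Tor check suggested in the comment above can be sketched as follows; this is an added example, not code from the article or from the people quoted in it. The flow export columns, the internal address range and the relay list are constructed assumptions (the addresses come from documentation ranges and are not real relays); in practice the relay set would come from a list you keep current.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed relay list of (address, OR port) pairs; not real Tor relays.
TOR_RELAYS = {("203.0.113.10", 9001), ("198.51.100.7", 443)}
INTERNAL = ipaddress.ip_network("10.0.0.0/8")  # assumed internal range

# Constructed flow export: start time, source, destination, dest port, bytes.
FLOWS_CSV = """ts,src,dst,dport,bytes
2024-01-01T09:00:01,10.1.4.22,203.0.113.10,9001,5120
2024-01-01T09:00:03,10.1.4.22,192.0.2.80,443,880
2024-01-01T09:05:40,10.1.4.22,203.0.113.10,9001,73400
2024-01-01T09:06:12,10.2.9.5,198.51.100.7,443,2048
2024-01-01T09:07:00,10.2.9.5,198.51.100.7,80,300
2024-01-01T09:08:30,192.0.2.99,203.0.113.10,9001,64
2024-01-01T09:09:00,10.3.3.3,not-an-ip,9001,10
"""

def find_tor_flows(flows_csv, relays=TOR_RELAYS, internal=INTERNAL):
    """Return internal hosts that talked to a known relay, busiest first."""
    hits = defaultdict(lambda: {"flows": 0, "bytes": 0, "first": None,
                                "last": None, "relays": set()})
    for row in csv.DictReader(io.StringIO(flows_csv)):
        try:
            src = ipaddress.ip_address(row["src"])
            key = (str(ipaddress.ip_address(row["dst"])), int(row["dport"]))
            nbytes, ts = int(row["bytes"]), row["ts"]
        except (ValueError, KeyError, TypeError):
            continue  # malformed or truncated record
        # Match address AND port: a relay can share its IP with other services.
        if not ts or src not in internal or key not in relays:
            continue
        h = hits[str(src)]
        h["flows"] += 1
        h["bytes"] += nbytes
        # ISO 8601 timestamps sort correctly as strings.
        h["first"] = ts if h["first"] is None else min(h["first"], ts)
        h["last"] = ts if h["last"] is None else max(h["last"], ts)
        h["relays"].add(key)
    return sorted(hits.items(), key=lambda kv: kv[1]["bytes"], reverse=True)

if __name__ == "__main__":
    for host, h in find_tor_flows(FLOWS_CSV):
        print(host, h["flows"], "flows,", h["bytes"], "bytes,",
              h["first"], "to", h["last"])
```

The first and last timestamps per host give responders a window to pull endpoint logs for, which is the context the comment argues flow data should add.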
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security