Threat actors behind the infamous Emotet malware are employing new sophisticated attack techniques to infect systems and networks and steal credentials. According to the cybersecurity company Deep Instinct, Emotet exploits “hijacked email threads and then [uses] those accounts as a launch point to trick victims into enabling macros of attached malicious office documents.” Additionally, researchers have observed the malware adjusting its tactics and techniques, which WaterISAC reported at the end of April. The threat actors have switched from non-secure HTTP to secured HTTPS communications, and they've also added in code obfuscation techniques to the payload. Also, almost 20 percent of all malicious emails observed exploited the 2017 Microsoft vulnerability CVE-2017-11882. After being infected with Emotet, threat actors can use the infected device to further propagate Emotet or load other third-party malware such as ransomware. Since Emotet spreads primarily via email, one of the best prevention methods is to refrain from opening suspicious emails. Read more at Darkreading.
H2Oex: In Person 1 day event/exercise. Thurs Dec 5th. Washington DC. Join us!