Microsoft | May 21, 2020
Microsoft states a massive COVID-19 themed phishing campaign is underway, as a component of which attackers set up the NetSupport Manager remote access device.
The brand-new campaign, which was found by the Microsoft Security Intelligence group, began on May12 The malware haul comes with destructive Excel accessories.
Through a collection of tweets, the Microsoft Security Intelligence group has actually described the recurring phishing assaults.
Microsoft states a massive COVID-19 themed phishing campaign is underway, as a component of which attackers set up the NetSupport Manager remote access device to gain remote access. The brand-new campaign, which was found by the Microsoft Security Intelligence group, began on May12 The malware haul comes with destructive Excel accessories that are being sent out by the attackers using e-mails. Notably, this isn’t the very first time when cyber-attackers are utilizing COVID-19 as a possibility to hack individuals. Companies consisting of Google have actually currently cautioned concerning the rise in such phishing assaults.
Through a collection of tweets, the Microsoft Security Intelligence group has actually described the recurring phishing assaults. The group states that the campaign provides the NetSupport Manager utilizing e-mails with accessories consisting of destructive Excel 4.0 macros. As per the information given by the Microsoft group, the strike starts with e-mails that claim to find from Johns Hopkins Center as well as reveal information concerning the energetic COVID-19 situations in the United States. However, actually, the e-mails consist of Excel submits that as soon as open, reveal a visual depiction of the coronavirus information.
Learn more: PHISHING ATTACKS DISGUISED AS FAKE CERT ERRORS ON CISCO WEBEX USED TO STEAL USER CREDENTIALS
“Notably, this isn’t the very first time when cyber-attackers are utilizing COVID-19 as a possibility to hack individuals. Companies consisting of Google have actually currently cautioned concerning the rise in such phishing assaults.”
~ Microsoft said
However, the data additionally consist of destructive Excel 4.0 macros that will certainly motivate individuals to“Enable Content” This starts the download as well as installment procedure of the NetSupport Manager customer from a remote website. Microsoft’s scientists have actually discovered that e-mails claim to find from John Hopkins Center lug destructive Excel data
Photo Credit: Twitter/ Microsoft Security Intelligence.
“For several months now, we’ve been seeing a steady increase in the use of malicious Excel 4.0 macros in malware campaigns. In April, these Excel 4.0 campaigns jumped on the bandwagon and started using COVID-19 themed lure.”
Once the remote access device is set up on a target’s system, the attackers can access as well as run commands from another location. In a certain situation, the Microsoft group has actually seen that the NetSupport Manager was utilized to go down numerous elements, consisting of some executable data as well as develop connection with a C2 web server to allow more commands from the attackers.Pay focus to what you’re downloading and install from e-mails.Users are advised to prevent taking notice of arbitrary e-mails as well as confirm e-mail addresses where they’re getting brand-new e-mails prior to downloading and install the consisted of accessories. Also, it is recommended to quickly transform passwords if you discover any type of weird behavior on your system.
Through a series of tweets, the Microsoft Security Intelligence team has detailed the ongoing phishing attacks. The team says that the campaign delivers the NetSupport Manager using emails with attachments containing malicious Excel 4.0 macros.As per the details provided by the Microsoft team, the attack begins with emails that pretend to come from Johns Hopkins Center and show details about the active COVID-19 cases in the US. However, in reality, the emails include Excel files that once open, show a graphical representation of the coronavirus data. However, the files also include malicious Excel 4.0 macros that will prompt users to “Enable Content”. This begins the download and installation process of the NetSupport Manager client from a remote site.
HOW CSOS CAN PROTECT USERS FROM PHISHING ATTACKS RELATED TO COVID-19
CREDENCE SECURITY | June 03, 2021
The demand for leading cybersecurity and digital forensics solutions is higher than ever. For over 20 years, Credence Security, a PAN-EMEA specialty distributor, has led in these areas along with governance, risk, and compliance, based in Dubai and regional presence in Johannesburg, London, Nairobi, New Delhi, and Saudi Arabia. Credence Security provides cybersecurity and digital forensics solutions to both public and private sector enterprises through a select network of specialist resellers.
In exciting news from the company, in response to its continued rapid growth, Credence Security recently announced the launch of its new Credence Security Partner Portal, which will enable easier deal registration, better tracking of opportunities, and SPIFF programs, access to sales and marketing materials, and much more. This is expected to be a precious tool for the company's resellers.
"Our channel partners are one of our most important relationships," commented Philip Cherian, Regional Channel Director. "We paid attention to our partner feedback and enhanced our Channel Partner Program and Partner Experience Portal, doubling down on our commitment to helping them succeed by continuing to invest in our Channel, tools, and infrastructure to support our partners across the region and make it even easier for them to do business with our vendors and us."
Credence Security is built on the foundation of 4 focus pillars – Continuous Adaptive Risk and Trust Assessment, Data Protection and Governance, Digital Forensics and Incident Response and Identity, Payments, and Data Security. "The value delivered in all of these areas is something that continues to grow, both as technology advances, but also from the company making every effort to understand the challenges partners and clients face so they can be more effectively addressed," commented Moe Bux, Regional Sales Director. "This strategy has been a key component in Credence Security's success and continued value-added growth."
The Credence Security Partner Portal launch arrives on the back of a record-breaking year for the channel team, which saw its best year across the channel in respect of:
• Channel team growth
• Overall revenue growth generated by our specialist resellers
• Partner growth in both geographical as well as vertical expansion
ABOUT CREDENCE SECURITY
Established in 1999, Credence Security, a PAN-EMEA specialty distributor, is cybersecurity, forensics, governance, risk, and compliance. Unlike most other distributors, we take a consultative "value-add" solution approach; we collaborate with our partners and their customers to understand their needs, both from a technology and business perspective, and then work very closely with our partners to deliver tailor-made solutions. Working closely with globally recognized, award-winning vendors including AccessData, ESET, Entrust, Magnet Forensics, ZeroFox, and Trustwave, Credence Security provides best-in-class, Cybersecurity and Forensics technologies and solutions to protect organizations against advanced persistent threats, malicious adversaries, and internal malpractice.
prnewswire | October 15, 2020
Vectra AI, a leader in network detection and response (NDR), today announced expanded response capabilities for its flagship product, Cognito Detect™ using its Lockdown feature, made possible by integrating with CrowdStrike® Falcon Insight, CrowdStrike's industry-leading endpoint and detection and response solution.This deep product integration enables Vectra® to deliver well-coordinated, instantaneous responses to thwart cyberattacks directly at the device level. By blocking and isolating attackers, not resources, Lockdown gives customers the ability to significantly reduce cyberthreat actor dwell-time without disrupting business operations.