Please fill in the form below to subscribe to our blog

Categories

Tags

Australia BullPhishID BullPhish ID Canada commercial credential stuffing cyberattack cybercrime cybersecurity Dark Web dark web credential loss Dark Web ID dark web monitoring dark web threat Data Breach Data Breach Alerts data compromised data loss prevention data theft France hacking healthcare insider threats Japan MSPs MSP Solutions MSP Space nation-state hackers Passly passwords phishing phishing resistance phishing resistance training ransomware remote working retail security security awareness training SMB cybersecurity stolen credentials supply chain risk The Week in Breach third party risk United Kingdom United States

Cybersecurity News This Week: Explore The Ink This Week 08/14/20

August 14, 2020
cybersecurity news

Go Inside the Ink to See What’s New in Cybersecurity News This Week

CYBERSECURITY NEWS THIS WEEK: NEW & MUST-SEE BLOGS

3 Lessons Learned from the Biggest Ransomware Attacks of 2020

Password Sharing is a Data Breach Danger

The Week in Breach: Cybersecurity and Breach News 08/05 – 08/11

How to Not Get Caught by the New SBA COVID-19 Relief Scam

Level Up Your Business With These 3 MSP Webinars

We publish new posts every weekday featuring news, insight, and solutions that take on today’s biggest cybersecurity threats and help you prepare for the threats of tomorrow. BOOKMARK IT>>

THE THREAT OF THE WEEK & HOW TO STOP IT

malware pop up box on a futuristic computer screen representing cybersecurity news this week

CISA Warns: Clever Criminals are Using Phishing Emails Disguised as MS Word Docs to Spread KONNI Malware

In an Alert released today, the US Cybersecurity & Infrastructure Security Agency (CISA) is warning that a creative group of cybercriminals has launched a phishing scam featuring legitimate-looking but malware-infected MS Word documents attached to seemingly innocuous emails.

CISA warns that “Cyber actors (are) using emails containing a Microsoft Word document with a malicious Visual Basic Application (VBA) macro code to deploy KONNI malware. KONNI is a remote administration tool (RAT) used by malicious cyber actors to steal files, capture keystrokes, take screenshots, and execute arbitrary code on infected hosts.”

They then detail the attack:

  • KONNI malware is often delivered via phishing emails as a Microsoft Word document with a malicious VBA macro code
  • The malicious code can change the font color from light grey to black (to fool the user to enable content), check if the Windows operating system is a 32-bit or 64-bit version, and construct and execute the command line to download additional files.
  • Once the VBA macro constructs the command line, it uses the certificate database tool CertUtil to download remote files from a given Uniform Resource Locator.
  • The Command Prompt silently copies certutil.exe into a temp directory and renames it to evade detection.
  • The cyber actor then downloads a text file from a remote resource containing a base64-encoded string that is decoded by CertUtil and saved as a batch (.BAT) file.
  • Finally, the cyber actor deletes the text file from the temp directory and executes the .BAT file.

So how can you protect your company from threats like this one that can devastate your business and your bottom line? One of CISA’s suggested mitigations is to “Maintain situational awareness of the latest threats” and “Exercise caution when opening email attachments, even if the attachment is expected and the sender appears to be known.” We can help with that.

THE THREAT

Cybercriminals are dropping cleverly-designed phishing emails laden with extremely dangerous malware. How can your business avoid this danger?

STOP IT

Make staffers more suspicious of every email, link, PDF, and attachment (plus other sources of phishing danger) through security awareness training with ID Agent’s cost-effective solutions including BullPhish ID.

SEE 10 MINUTE TECHNICAL DEMOS OF OUR SECURITY AWARENESS TRAINING AND MONITORING SOLUTIONS NOW!

Connect IT Global in white over purple as part of cybersecurity news this week

COMING SOON – CONNECT IT GLOBAL

Are you ready for a bonanza of education, certification, and networking opportunities? How about some contests, prizes, entertainment, and fun? Oh, and some awesome surprises?

CONNECT IT GLOBAL delivers, coming to you virtually August 24 – 27, 2020!

  • Earn new certifications to grow your business and your clients’ confidence: Certified Dark Web ID & BullPhish ID Administrator & Certified Passly Administrator
  • See THE ID AGENT 2020 ROADMAP including exclusive details about our new updates and upgrades – and a few special surprises. (an absolute must-see panel!)
  • Get amazing insight from the legendary Gary Pica at THE NEW CONNECT 360 – THE MSP PROFITABILITY MINI-SYMPOSIUM event!
  • Explore today’s biggest threat with experts and find out more about the future of phishing defense at GO PHISHING: DETECTING ADVANCED, PERSISTENT PHISHING THREATS.
  • Go inside a breach with our favorite white-hat hackers to see how a cybercriminal really strikes, and how you can stop it in THE ANATOMY OF AN O365 BREACH
  • Plan your successful future with a focus on “Vision, Innovation, and Execution”.

RESERVE YOUR SEAT NOW, BECAUSE YOU DON’T WANT TO MISS A THING!

IN CASE YOU MISSED IT LAST WEEK MSPs: Gain even more insight and inspiration to grow your business from the newly available MSP GROWTHFEST APAC recordings, featuring new, exclusive APAC panels with 6 new Channel All-Stars! GET IT NOW>>

cybersecurity news cycle and a round, cycle-style representation of the digital risk protection platform including Passly, Dark Web Id BullPhish ID and our personnel working together to provide a complete cybersecurity defense.

ID AGENT’s Digital Risk Protection Platform and Security Awareness Training empowers every business to fight back against Dark Web threats!

Get an expert analysis of your risk including a FREE Dark Web Report using the power of DARK WEB ID

Join forces with us to gain access to our industry-leading sales and marketing support – we’ll even join you on tough sales calls!

BECOME AN ID AGENT PARTNER