Resurgence in Emotet Malware
22 July 2020
There has been a resurgence in the Emotet malware after a five-month hiatus. The new campaign primarily targets users in the US and UK using malicious attachments in phishing emails.
Emotet is designed to download and deploy further malware to victim machines. It uses a test-driven approach to tailor the attack to the victim’s estate, making it highly effective. Some observed behaviours include credential theft, mounting further phishing campaigns, and deploying ransomware.
- Ensure users are aware of the potential threat.
- Review policies on sending and handling email attachments.
- Ensure antivirus is running and up to date.