Resurgence in Emotet Malware
22 July 2020
There has been a resurgence in the Emotet malware after a five-month hiatus. The new campaign primarily targets users in the US and UK using malicious attachments in phishing emails.
Emotet is designed to download and deploy further malware to victim machines. It uses a test-driven approach to tailor the attack to the victim’s estate, making it highly effective. Some observed behaviours include credential theft, mounting further phishing campaigns, and deploying ransomware.
- Ensure users are aware of the potential threat.
- Review policies on sending and handling email attachments.
- Ensure antivirus is running and up to date.
An INTERPOL assessment of the impact of COVID-19 on cybercrime shows a significant spike across the globe during the pandemic, including a shift in targets from individuals and small businesses to major corporations, governments and critical infrastructure, which play a crucial role in responding to the outbreak.
SAP has issued patches to fix a critical vulnerability, known as RECON, that can lead to total compromise of vulnerable SAP installations. It has been assigned the highest risk score of 10 on the CVSS scale, the most severe rating possible. An attack can be launched via HTTP over an internet-facing interface.
Microsoft has disclosed a critical vulnerability in the Windows DNS Server that has been around for nearly two decades. The vulnerability, which allows for remote code execution, affects versions 2003 to 2019 and can be triggered by a malicious DNS response. If exploited, an attacker could gain Domain Administrator rights and compromise the entire corporate infrastructure. Full advisory here…