Report finds ‘macroless’ Word malware attacks are surging in popularity
Macroless Word document malware attacks are surging in popularity among hackers, according to a new security report from WatchGuard Technologies Inc.
The Internet Security Report for Q4 2017, based on data gathered from WatchGuard Firebox appliances protecting small and midsized businesses, found that malware attacks jumped 33 percent in the quarter. Cybercriminals are increasingly leveraging Microsoft Office documents to deliver malicious payloads.
Those Office-based hacks, in which cybercriminals use Dynamic Data Exchange attacks designed to trick users into clicking them, entered WatchGuard’s top 10 malware list in the fourth quarter for the first time. The attacks employ malicious documents, often using PowerShell and obfuscated script, to get past network defenses.
“After a full year of collecting and analyzing Firebox Feed data, we can clearly see that cybercriminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data,” Corey Nachreiner, chief technology officer at WatchGuard, said in a statement. “Although these criminal tactics may vary over time, we can be certain that this broad trend will persist, so the risks have never been greater for small and midsize organizations with less IT and security resources.”
Other takeaways from the report included continued growth in malware. WatchGuard said it blocked more than 30 million malware variants in the quarter, with a new subset of zero-day or not-yet-discovered malware instances climbing 167 percent. The increase was attributed to heightened criminal activity during the holiday season.
Nearly half of all malware attacks managed to elude basic antivirus software. WatchGuard has a dog in this hunt, since its Fireboxes are intended to provide network protection to catch malware at the point of attack.
Scripting attacks accounted for 48 percent of the top malware in the quarter, with JavaScript and Visual Basic Script threats once again remaining the most popular forms of scripting attack.