Been shopping lately? Fake credit card email can spook you into downloading Cerber ransomware

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   As the shopping sprees become increasingly frenetic during holiday season, it’s hard not to worry about how much credit card debt we’re piling. Some of us rely on email notifications from our banks to track…

0

Don’t let this Black Friday/Cyber Monday spam deliver Locky ransomware to you

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   We see it every year: social engineering attacks that take advantage of the online shopping activities around Black Friday and Cyber Monday, targeting customers of online retailers. This year, we’re seeing a spam campaign that…

2

Fake fax ushers in revival of a ransomware family

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   “Criminal case against you” is a message that may understandably cause panic. That’s what a recent spam campaign hopes happens, increasing the likelihood of recipients opening the malicious attachment. We recently discovered a new threat that…

0

No payment necessary: Fighting back against ransomware

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   Any IT professional who’s ever had an experience with malware knows how fast an intrusive attack can happen, and how difficult it can be to educate employees to be vigilant against such threats. And with…

5

Troldesh ransomware influenced by (the) Da Vinci code

(Note: Read our latest comprehensive report on ransomware: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene.)   We at the MMPC are constantly tracking new and emerging ransomware threats so we can be one step ahead of active campaigns and help protect our users. As part of these efforts, we recently came…

0

Digging deep for PLATINUM

This blog introduces our latest report from the Windows Defender Advanced Threat Hunting team. You can read the full report at: PLATINUM: Targeted attacks in South and Southeast Asia There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones…

0

Keeping Browsing Experience in Users’ Hands, an Update…

Since we published the Keeping Browsing Experience in Users’ Hands blog in December 2015, we’ve received feedback from the ecosystem and engaged in discussions with the industry. Based on those discussions and feedback, we are making a couple of updates. We are broadening the scope of the evaluation criteria we blogged about to state: Programs…

2

Social engineering tricks open the door to macro-malware attacks – how can we close it?

The macro malware-laden documents that target email users through email spam are intentionally crafted to pique any person’s curiosity.  With subjects that include sales invoices, federal tax payments, courier notifications, resumes, and donation confirmations, users can be easily tricked to read the email and open the attachment without thinking twice. The user opens the document,…

7

Microsoft partners with Interpol, industry to disrupt global malware attack affecting more than 770,000 PCs in past six months

‘Simda.AT’ designed to divert Internet traffic to disseminate other types of malware. Today Interpol and the Dutch National High Tech Crime Unit (DNHTCU) announced the disruption of Simda.AT, a significant malware threat affecting more than 770,000 computers in over 190 countries. The Simda.AT variant first appeared in 2012. It is a widely distributed malware that…

2

Upatre update: infection chain and affected countries

Upatre is a type of malware that is typically installed on a machine after a person is tricked into clicking on a link or opens an attachment contained in a spam email. Since January 2015,  we have seen spam emails commonly distributed by variants of the Hedsen and Cutwail malware families. Upatre’s malicious actions vary, but…

3