[BreachExchange] This one business file is most used in cyberattacks

Audrey McNeil audrey at riskbasedsecurity.com
Thu Feb 15 18:51:02 EST 2018


Businesses beware: That PDF you're about to open may be part of a targeted
cyberattack that will compromise your system.

PDF files are the most likely of any other file type to be weaponized,
according to a Thursday report from security firm Barracuda Networks. In
the last three months, nearly 41 million PDFs scanned were part of an
attack, often containing links to malicious sites and active scripts, the
report found.

PDFs are especially susceptible to malicious activity because they are easy
to construct and transmit, the report noted. Business users and consumers
alike must be extremely cautious when opening any PDF attachment in an
email or on a website, even when it appears to come from a trusted source.
Security professionals should also ensure that employee cybersecurity
training is in place at their organization to decrease the likelihood of
someone accidentally opening a malicious file or link on a work machine.

"Organizations often become aware of vicious cyberattacks after the damage
has already been done," Fleming Shi, senior vice president of technology at
Barracuda Networks, said in a press release.

The most sophisticated and efficient attacks are carried over embedded
scripts such as JavaScript and VisualBasic: More than 75% of these scripts
are malicious, the report found. Scripts can be embedded in HTML or other
rich document formats such as RFT and Office. Of the 70 million Office
documents scanned by Barracuda Networks in the last three months, more than
4.7 million were malicious or suspicious.

Compressed files are another increasingly popular way for criminals to
transmit hidden attacks, and hide non-malware infections like PowerShell
scripts. One example of this took place in September 2017, when Barracuda
detected a massive ransomware campaign with more than 27 million emails
reaching customers in less than a day.

Information leaked in the Equifax breach and other major cyberattacks that
resulted in the loss of personally identifiable information (PII) for
millions of people will also likely increase both mass phishing and spear
phishing attacks in the coming year, the report noted, so businesses and
consumers should be vigilant in their efforts to combat these threats.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180215/e0b515b6/attachment.html>

More information about the BreachExchange mailing list