1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • This simple cyberattack is still among the most effective

    From TechnologyDaily@1337:1/100 to All on Tue May 17 11:15:04 2022
    This simple cyberattack is still among the most effective

    Date:
    Tue, 17 May 2022 09:54:17 +0000

    Description:
    Even if they don't trigger any warnings, emails with HTML attachments should be considered dangerous.

    FULL STORY ======================================================================

    Cybercriminals may be getting more sophisticated by the day, but simple HTML file distribution still remains one of the most popular tactics, new research shows.

    According to telemetry data from cybersecurity company Kaspersky, in the
    first four months of 2022, there were more than two million malicious emails carrying weaponized HTML files.

    March 2022 was the most active month of the year so far for this type of attack, with 851,000 detections. Last month saw just 387,000 detections, although Kaspersky says this could just be a momentary shift, and doesnt necessarily suggest a shift in the wider trend. Popular attack vector

    HTML owes its popularity among cybercriminals to its effectiveness against antispam engines and other cybersecurity measures. Short for HyperText Markup Language, it is the standard markup language for web pages and other
    documents designed to be displayed in a web browser .

    When weaponized, HTML files can redirect users to malicious sites, have them download malware or viruses, and locally display various phishing forms.

    As the language itself cannot be deemed malicious, it hardly gets detected by email security solutions, either. Read more

    'Undetectable' malware kit packs a whole load of threats into a single
    package



    The little-known pact at the heart of cybersecurity



    REvil ransomware is officially back in action

    According to BleepingComputer, the technique saw its glory days in 2019, but remains a common technique in todays phishing campaigns. The publication stresses that just opening HTML files is often enough to have JavaScript running on the target endpoint , which could result in malware being
    assembled on the disk itself, thus bypassing any security software.

    Email continues to be one of the most popular attack vectors for cybercriminals. Its widespread and cheap, making it an ideal tool for the distribution of spyware, ransomware , and other malware, as well as phishing attacks.

    Cybersecurity researchers are warning users to always be suspicious of incoming emails, especially when they carry links or attachments. Even if the email security solution installed on the device does not trigger a warning, HTML attachments should be treated as suspicious. Shield against phishing attacks with the best security keys around

    Via BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/this-simple-cyberattack-is-still-among-the-most -effective/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)