Move over macros, Office DDE exploits arrive! Office macros have been the primary choice of attacks by malicious actors for years.  IT administrators and users have learned to be cautious before running macros. The Dynamic Data Exchange (DDE) protocol has been around much longer but hadn’t been used for attacks.  It’s a communication protocol that […]

A little over two weeks ago we posted about the first Hurricane Harvey scam emails that appeared in our spam traps.  The hurricane scams continue to persist without showing any signs of slowing down soon. Scammers are now using Harvey and Irma references or just a generic email to encompass any hurricane assistance efforts.

 Equifax Breach Overview While not the largest breach, it’s one of the most severe because of the data compromised.  Equifax, Experian, and TransUnion compiles the most sensitive financial information and safeguards it.  No company is immune to an attack, however, this garnered 143 million American’s most important records. Names, social security numbers, birth dates, and […]

Harvey Scam Example After every large news event or natural disaster we see the associated scam emails.  The first Harvey scam email we’ve seen showed up the afternoon of Aug. 30.  It is a bit surprising it took that long for it to appear, we’ve been watching closely.  Unfortunately many more scam emails and registered […]

Attack Overview and Statistics SANS Institute conducted a survey on how attackers were able to compromise user devices.  They found 74 percent entered via an email attachment or email links, 48 percent from web based drive-by or download, and 30 percent through application vulnerabilities.  Phishing (72 percent), spyware (50 percent), ransomware (49 percent) and Trojans (47 […]