AppRiver Blog

THREAT ALERT: Cybercrooks Abusing Microsoft Azure Storage Custom Domain Name Feature

THREAT ALERT: Cybercrooks Abusing Azure Custom Domain Name Feature

Read More

TrickBot Campaign Spoofs Dun & Bradstreet

Trickbot Spoofs Dun & Bradstreet

On Wednesday, Sept. 4, in just under an hour's time AppRiver's SecureTide malware engine stopped 103,791 malicious Word documents destined to clients. The campaign was designed to drop the Trickbot Trojan onto an unsuspecting users system. This particular attack spoofed the data and...

Read More

HMRC-themed emails carry Trickbot infection

A cybercrime group is currently targeting businesses in the UK with malware-laden emails containing the banking Trojan known as Trickbot.

In the past years, several malware families have been seen heavily targeting the UK in attempts to spread banking Trojans looking to gain access to business and personal accounts.

Read More

Phony HSBC Emails Carry Spyware Infection

Today we are seeing a malware push from the Necurs botnet attempting to distribute a Spyware Trojan via the Hancitor downloader. The malicious email campaign is somewhat cleverly disguised as an encrypted email from HSBC Financial.

Read More

Warning! Trojan Droppers Exploiting Symbolic Link (.SLK) Files

Trojan Droppers Exploiting Symbolic Link Files

Malicious actors routinely attempt to confuse recipients of messages with obscure file extensions to load malicious files on the victims machine.

For most users the .slk file is recognized in Microsoft Office software as an Excel file. However, as detailed here, it also is...

Read More

As Tax Season Looms, CPA Firms Targeted with Advanced Malware

As the 2018 tax season gets underway, we want to make sure everyone is aware of the many dangers we see surrounding this event each year.

In fact, curiosity and uncertainty surrounding recent tax law changes may leave many individuals more susceptible to falling victim to one of the many tax-themed attacks that we...

Read More

Assassination Threats Demand Bitcoin Ransom

Assassination Threats Demand Bitcoin Ransom

Processing more than a billion messages a month we tend to see the good, bad, and ugly emails of the internet. It's pretty rare a message will raise our eyebrows or fall into a "disturbing" category, especially for our team that sees the whole range of the underworld daily.

Read More

Malware Distributors Target Online Holiday Shoppers

 

 

 

 

 

 

As online holiday shopping gets into full swing we are on the lookout for holiday related threats that we should all be wary of.

It’s likely that FedEx alone will deliver hundreds of millions of packages between Black Friday and Christmas Day. And with so many people expecting packages to be delivered at this...

Read More

New Ransomware Variant Abusing DDE Functionality in Office Documents

This morning we began seeing a large volume of messages that ultimately lead to the install of the “Asasin” ransomware, aptly named after the naming convention used when encrypting the user’s files. We have been seeing this Ransomware type for about a week now but it is now relying on a new infection technique.

Read More

Move over Macros, Office DDE exploits arrive

Move over macros, Office DDE exploits arrive!

Office macros have been the primary choice of attacks by malicious actors for years.  IT administrators and users have learned to be cautious before running macros. The Dynamic Data Exchange (DDE) protocol has been around much longer but hadn't been used for attacks.  It's a...

Read More