Ongoing phishing and malware campaigns in December 2024

Hackers never stop inventing new ways to compromise their targets. That’s why organizations must stay updated on the latest threats. Here’s a quick rundown of the current malware and phishing attacks you need to know about:

Zero-day Attack:

Cybercriminals are using intentionally corrupted Word documents and ZIP archives to bypass detection. These files evade traditional defenses by appearing unreadable to security systems but restore their malicious content when opened in native applications like Microsoft Word or WinRAR. Tools such as ANY.RUN remain among the few capable of detecting this technique.
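One defensive response to the technique described above is to stop treating "unparseable" as "harmless". Office documents are ZIP containers, so a file that carries the ZIP signature but fails structural parsing is exactly the kind of sample that should be routed to a sandbox or detonated in the native application rather than waved through. The following Python is an added example, not code from the article or from ANY.RUN; the sample documents are constructed in memory, and the three verdict strings are this example's own convention.

```python
"""Added example: triage ZIP-based files (including .docx/.xlsx) that a
scanner cannot parse. Sample files are constructed in memory; nothing here
is taken from a real malicious document."""
import io
import zipfile

ZIP_MAGIC = b"PK\x03\x04"   # local-file-header signature at offset 0


def triage_container(data: bytes) -> str:
    """Classify a ZIP/Office payload.

    Returns one of (this example's own labels):
      "ok"          - parses cleanly; normal content scanning applies
      "not-zip"     - does not start with the ZIP signature at all
      "corrupt-zip" - claims to be a ZIP but its structure is damaged; treat as
                      suspicious and detonate it in a sandbox / native app
    """
    if not data.startswith(ZIP_MAGIC):
        return "not-zip"
    buf = io.BytesIO(data)
    # is_zipfile() looks for the end-of-central-directory record; a file whose
    # central directory was deliberately damaged or truncated fails here.
    if not zipfile.is_zipfile(buf):
        return "corrupt-zip"
    buf.seek(0)
    try:
        with zipfile.ZipFile(buf) as zf:
            # testzip() returns the first member with a bad CRC, or None
            if zf.testzip() is not None:
                return "corrupt-zip"
    except zipfile.BadZipFile:
        return "corrupt-zip"
    return "ok"


def make_docx_like(corrupt: bool) -> bytes:
    """Build a minimal ZIP shaped like a .docx (constructed sample). With
    corrupt=True the tail holding the central directory and the
    end-of-central-directory record is cut off, so the container is
    unreadable to a strict parser while the local entries are still present."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
    data = buf.getvalue()
    if corrupt:
        data = data[: len(data) - 40]
    return data


if __name__ == "__main__":
    for label, sample in (("intact", make_docx_like(False)),
                          ("damaged", make_docx_like(True)),
                          ("pdf", b"%PDF-1.7 constructed")):
        print(f"{label:8s} -> {triage_container(sample)}")
```

The useful policy change is in the middle verdict: a corrupt container is not a clean file, it is a file that needs a different analysis path.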

Malware Attack:

The campaigns also leverage the Psloramyra loader to deliver the Quasar Remote Access Trojan (RAT). This fileless malware employs Living off the Land Binaries and Scripts (LoLBaS) techniques to inject Quasar into legitimate processes like RegSvcs.exe, ensuring it operates entirely in memory and leaves no trace on disk. Persistence is maintained through scheduled tasks running every two minutes.
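The persistence detail above (a scheduled task firing every two minutes that launches a script host) is something a defender can hunt for directly in Task Scheduler exports. The Python below is an added example, not part of the article and not tied to the Psloramyra loader specifically: it parses task XML in the format that schtasks /query /xml and Export-ScheduledTask produce, and flags any task that repeats at five minutes or less, launches a known living-off-the-land binary (including RegSvcs.exe), or is marked hidden. The two task definitions, task names and file paths are constructed; the XML namespace is the real Task Scheduler schema. The example generalizes past the two-minute case to any short interval.

```python
"""Added example: flag exported Windows scheduled tasks that repeat at a very
short interval and launch a script host or living-off-the-land binary.
The task XML below is constructed to mirror the Task Scheduler export format
(the XML declaration is omitted so the samples parse as plain strings)."""
import re
import xml.etree.ElementTree as ET

NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Binaries that frequently appear in LoLBaS-style execution chains
SUSPICIOUS_BINARIES = {
    "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe", "mshta.exe",
    "regsvcs.exe", "regasm.exe", "installutil.exe",
}
MAX_INTERVAL_SEC = 300   # user tasks rarely repeat tighter than 5 minutes


def iso_duration_seconds(value: str) -> int:
    """Convert a Task Scheduler interval such as PT2M or PT1H30M to seconds."""
    m = re.fullmatch(r"P(?:(\d+)D)?T?(?:(\d+)H)?(?:(\d+)M)?(?:(\d+)S)?", value)
    if not m:
        raise ValueError(f"unsupported duration: {value}")
    d, h, mi, s = (int(x) if x else 0 for x in m.groups())
    return d * 86400 + h * 3600 + mi * 60 + s


def task_findings(task_xml: str) -> list:
    """Return the reasons a task looks suspicious (empty list = nothing flagged)."""
    root = ET.fromstring(task_xml)
    reasons = []
    for e in root.findall(".//t:Repetition/t:Interval", NS):
        secs = iso_duration_seconds((e.text or "").strip())
        if secs <= MAX_INTERVAL_SEC:
            reasons.append(f"repeats every {secs}s")
    for e in root.findall(".//t:Actions/t:Exec/t:Command", NS):
        # Normalise "C:\path\to\binary.exe" (possibly quoted) to its file name
        exe = (e.text or "").strip().strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()
        if exe in SUSPICIOUS_BINARIES:
            reasons.append(f"launches {exe}")
    hidden = root.find(".//t:Settings/t:Hidden", NS)
    if hidden is not None and (hidden.text or "").strip().lower() == "true":
        reasons.append("hidden task")
    return reasons


# Constructed sample: short repetition, hidden, launches PowerShell
SUSPECT_TASK = r"""<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers>
    <TimeTrigger>
      <Repetition><Interval>PT2M</Interval><StopAtDurationEnd>false</StopAtDurationEnd></Repetition>
      <StartBoundary>2024-12-01T09:00:00</StartBoundary>
      <Enabled>true</Enabled>
    </TimeTrigger>
  </Triggers>
  <Settings><Hidden>true</Hidden></Settings>
  <Actions>
    <Exec>
      <Command>C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Command>
      <Arguments>-NoProfile -File C:\Users\Public\sync.ps1</Arguments>
    </Exec>
  </Actions>
</Task>"""

# Constructed sample: hourly vendor updater, nothing to flag
BENIGN_TASK = r"""<Task version="1.4" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers>
    <CalendarTrigger>
      <Repetition><Interval>PT1H</Interval></Repetition>
      <StartBoundary>2024-12-01T09:00:00</StartBoundary>
    </CalendarTrigger>
  </Triggers>
  <Settings><Hidden>false</Hidden></Settings>
  <Actions>
    <Exec><Command>"C:\Program Files\Vendor\updater.exe"</Command></Exec>
  </Actions>
</Task>"""

if __name__ == "__main__":
    for name, xml_text in (("suspect", SUSPECT_TASK), ("benign", BENIGN_TASK)):
        print(name, task_findings(xml_text) or "clean")
```

Running this over every task exported from a host turns the "every two minutes" detail into a repeatable query rather than a one-off indicator.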

Phishing Attacks:

Additionally, phishing actors are abusing Azure Blob Storage to host malicious pages under the trusted *.blob.core.windows.net subdomain. These pages harvest system information to personalize attacks, deceiving victims into submitting sensitive credentials.
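Because the *.blob.core.windows.net suffix is trusted by default, the practical detection angle is not the domain itself but the storage account in front of it: an organisation normally talks to a handful of known accounts, and a newly seen account serving static HTML to several users is worth a look. The Python below is an added example, not from the article; the proxy log format, the log lines, the storage account names and the allowlist are all constructed.

```python
"""Added example: scan web-proxy log lines for requests to Azure Blob Storage
accounts outside the set an organisation is known to use, and summarise what
those accounts served. Log format, lines and names are constructed."""
from urllib.parse import urlsplit

BLOB_SUFFIX = ".blob.core.windows.net"

# Storage accounts the (hypothetical) organisation legitimately uses
KNOWN_ACCOUNTS = {"corpfileshare", "buildartifacts01"}

# Constructed proxy log: <timestamp> <client-ip> <method> <url> <status>
LOG_LINES = [
    "2024-12-03T10:01:02Z 10.1.1.5 GET https://corpfileshare.blob.core.windows.net/reports/q4.pdf 200",
    "2024-12-03T10:03:17Z 10.1.1.7 GET https://loginverify3481.blob.core.windows.net/$web/index.html 200",
    "2024-12-03T10:03:19Z 10.1.1.7 GET https://loginverify3481.blob.core.windows.net/$web/app.js 200",
    "2024-12-03T10:04:40Z 10.1.1.9 GET https://loginverify3481.blob.core.windows.net/$web/index.html 200",
    "2024-12-03T10:05:00Z 10.1.1.5 GET https://example.com/ 200",
]


def parse_line(line: str) -> dict:
    """Split one constructed-format log line into its fields."""
    ts, client, method, url, status = line.split()
    return {"ts": ts, "client": client, "method": method, "url": url, "status": int(status)}


def blob_findings(lines) -> dict:
    """Group requests to blob-hosted content by storage account, skipping known
    accounts. Returns {account: {"first_seen", "hits", "clients", "html_pages"}}."""
    by_account = {}
    for line in lines:
        rec = parse_line(line)
        parts = urlsplit(rec["url"])
        host = (parts.hostname or "").lower()
        if not host.endswith(BLOB_SUFFIX):
            continue
        account = host[: -len(BLOB_SUFFIX)]     # storage account = first label
        if account in KNOWN_ACCOUNTS:
            continue
        entry = by_account.setdefault(account, {
            "first_seen": rec["ts"], "hits": 0, "clients": set(), "html_pages": set(),
        })
        entry["hits"] += 1
        entry["clients"].add(rec["client"])
        # Static HTML from an unknown account is the pattern a phishing page leaves
        if parts.path.lower().endswith((".html", ".htm")):
            entry["html_pages"].add(parts.path)
    return by_account


if __name__ == "__main__":
    for account, info in blob_findings(LOG_LINES).items():
        print(f"{account}: first seen {info['first_seen']}, {info['hits']} hits, "
              f"{len(info['clients'])} clients, pages {sorted(info['html_pages'])}")
```

The allowlist is the part that needs maintaining; the rest is a grouping that lets an analyst see, per unknown account, how many users reached it and which pages were served.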

Expert Analysis:

These campaigns underscore the increasing creativity and technical proficiency of cybercriminals. By exploiting gaps in both file and cloud security, attackers are rendering traditional defenses inadequate. Security teams must adapt quickly, focusing on advanced detection mechanisms and robust security strategies to counteract these evolving threats.
