29% of cyberthreats previously unknown it-online.co.za - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from it-online.co.za Daily Mail and Mail on Sunday newspapers.
(TechRepublic Premium)
But despite a security update being available to protect against the vulnerability for over three years, it s still the most frequent exploit used by cyber criminals to deliver malware via malicious Microsoft Office documents. The enduring popularity of Equation Editor exploits such as CVE-2017-11882 may be due to home users and businesses not updating to newer, patched versions of Office. We commonly see this vulnerability being exploited by attackers who distribute easily-obtainable [remote access trojans], Alex Holland, senior malware analyst at HP Inc, told ZDNet.
The use of CVE-2017-11882 has dropped compared to the previous quarter, when it accounted for 87% of exploits used – but another vulnerability is gaining popularity, more than doubling in use in just the space of a few months.
);
//]]>// >By John P. Mello Jr.
Mar 16, 2021 6:05 AM PT
Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020, HP and Bromium reported Tuesday.
The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets inboxes, many times evading measures at email gateways to filter out the infected correspondence. Ultimately, attackers are taking advantage of the fact that it s normal to share and open documents by email, observed Alex Holland, a senior malware analyst at HP. Finance and IT departments tend to be heavy users of macros to automate business processes, so banning them across the board often isn t a realistic option, he told TechNewsWorld.