You Opened Up a Malicious File, Now What?

Weaponized documents are so effective at compromising organizations that attackers of all skill levels use them, from state-sponsored hackers to criminal skids, suggests Lisa O’Reilly from SlashNext.

Social Engineering is the initial common dominator in nearly every targeted cyberattack, often in the form of a phishing email. Phishing attacks are so successful because they allow attackers to get pass technical defenses.

“These phishing exploits, like most of today’s phishing efforts, prey on the human element,” O’Reilly asserts. “Emails continue to be the most common attack vector with an attachment or link that appears as if it were sent by a familiar co-worker, relative, or close business associate that the target trusts and communicates with on a regular basis.”

Because technology to secure the network perimeter is so good now, attackers have been forced to turn to new techniques and exploits. O’Reilly added that attackers are increasingly abusing legitimate tools to avoid detection by antivirus programs, and they’re constantly taking advantage of previously unknown vulnerabilities.

“Regardless of their motivation or target, security vendors are reporting that the use of weaponized documents by bad actors is on the rise,” she says. “Zero-day and zero-hour attacks are evolving and designed to elude traditional security techniques.”

All organizations are vulnerable to social engineering, since no human has perfect judgement all the time. O’Reilly says the difficulty of defending against these attacks increases with the sheer volume of emails that employees interact with on a day-to-day basis.

“Most businesses (and employees) exchange hundreds of emails and attached documents every day never giving a recognized senders email address a second thought, meaning it’s just a matter of time before a weaponized document gets downloaded and opened,” she writes.

Unfortunately, the odds for attackers are in their favor, since they can launch as many phishing attacks as they want against a target, while an employee only has to fall victim to one in order for an organization to be compromised.

DarkHound Security encourages employee security awareness training to equip your employees with the knowledge and skills to recognize and resist these attacks.

If you need assistance with your cybersecurity business contact DarkHound SecOps at [email protected].

Full Story Here…

Weaponized Documents: It’s Just a Matter of Time Before One is Opened