
Malicious Documents: Still Infecting After All These Years

Vitus White
Last updated: 13 October

Sending off emails laden with malicious attachments is one of the most effective and widely relied upon methods for disseminating malware and infecting user-machines.

It’s tried and it’s true. Whether an attacker is trying to indiscriminately add machines to a botnet, access corporate networks via spear-phishing, or hijack your online banking account with a Trojan, malicious documents have been a weapon of choice among attackers for years. Computer and Internet users are more aware now than ever about the dangers of opening shady – or even innocuous-seeming – email attachments, whether they are Word documents, PDF files, pictures, or any other type of document. Furthermore, the anti-malware industry, email-service providers, and Web-browser makers are all developing and deploying new technologies designed to curb infection-by-attachment. All of this comes in addition to an environment in which software vendors are handling vulnerability patch management more effectively and efficiently than ever.

Despite this, countless machines become infected with malware from opening malicious documents every day. How is it that the best efforts from the smartest people in the tech industry aren’t enough to successfully combat collections of largely unorganized attackers?

Broadly, the reason for this is simple: attackers, many of whom work alone or in small groups with custom-designed tools, can move quickly. Browser-makers, email providers, and tech giants react to new threats as quickly as they can, but – like all somewhat large organizations – are hindered by corporate bureaucracy and other inertias.

We can’t simply blame business here either, though. Most users refuse to install updates and many users open attachments they shouldn’t.

To their credit, the attackers aren’t dumb. They watch the way companies react to their attack methods and adapt accordingly. They gather intel on the people they aim to target by monitoring their social networking and other visible activities, so that their emails and the malicious attachments they contain are more convincing and more likely to fool the recipient.

In my arrogance, I used to believe that an attacker would have to wake up pretty early in the morning in order to catch me phishing. Kaspersky Lab principal security expert, Kurt Baumgartner, set me straight, explaining that any of us – no matter how smart – would open an attachment seeming to come from a person we trust. This reality necessitates automatic defenses, based on measurable behavior rather than human intuition.

For example, Microsoft’s most recent set of Patch Tuesday security updates fixed an Internet Explorer vulnerability but failed to fix a second Microsoft Office zero-day (a newly discovered vulnerability). Because of this, attackers that understand the vulnerability can exploit it to send malicious documents to affected users (read: nearly anyone with Microsoft Office). Of course, if the attacker is using a piece of malware that is recognized by your antivirus product’s detection engine, then you are protected. Attackers, though, have found pretty simple ways to alter the code or the domains of their malware in order to evade this detection.

I don’t want to praise the attackers too highly here. In the end, the good guys are generally the smarter guys, albeit they move a bit more slowly. The good guys get paid well, they get benefits, and they generally don’t have to worry about going to jail. They watch the bad guys and learn from their methods just like the bad guys watch the good guys.

Such is the case with our developers at Kaspersky Lab. The researchers here have watched the ways in which attackers have evolved over the years. Anti-malware products used to simply search for malware signatures, but it has become clear over the last few years that signature detection is not enough. Thus they have developed technologies like automatic exploit prevention (AEP), which scans user-systems for vulnerabilities and known malicious behaviors. When AEP sees an application running strange code or seeming to exploit a flaw in some piece of vulnerable software, the technology moves to block the actions before any harm is done. In this way, users are protected from nearly any threat, including the aforementioned zero-days.


Source: kaspersky.com


TAGGED: Malware, Microsoft, Microsoft Office, Networking, Phishing, PoC, Security, Software, Threat, Threats, Vulnerabilities
Vitus White October 13, 2022 October 7, 2022