Wednesday, July 22, 2015

Magic Quadrant for AV?

No disrespect to the team at Gartner, who are top-notch people, but is there really any value in creating a Magic Quadrant for AntiVirus? The folks at Intel/McAfee were certainly proud of their 7th consecutive year of placement in it, as seen here... even though we've demonstrated their poor catch rate many times in past blog posts. Another example from this morning:

- Emails are traversing the internet this morning with various email subjects that generally refer to international money transfers. Most importantly, a ~160k M$ Word doc is attached that leverages a malicious macro. Details regarding the registry modifications and associated phone home can be found in this Websense File Sandbox Report.

- Importantly, within the report you will find a link to upload the file to VirusTotal in real time. Hopefully we will see Symantec and McAfee update their signatures by end-of-business (West Coast Time of course ;-) and detect the file's malicious intent. However, as is all too often the case, you are left to rely upon your antispam sigs/reputation scores (which are 100% accurate, right?) to stop these email msgs, as the AV vendors are mostly blind to it now:
