M$ Word file started propagating across the Internet with malicious macros at ~7:45amCST. This file is actually a Dropper File, as shown via this Forcepoint File Sandbox Report, which is attempting to infect your local files and phone home to a website in the US:
What is the Anti-Virus Coverage Rate you may ask for this Dropper File? Not good... only 5 companies currently detect it:
OK... lets assume your security controls have not blocked the download of the dropper, is your Barracuda Solution going to protect you from the download of the actual payload? Ummm... no:
In summary, please contact ESPO Systems if you'd like to implement controls to block the attack across the entire Kill Chain.
No comments:
Post a Comment