Wearn also noted the Australian education sector was a key target he believes the data suggests education may be particularly vulnerable given the use of individually-owned devices that leverage collaborative networks, lending the potential for the exfiltration of research data or intellectual property, or which may even impact national security if attackers gain access to highly sensitive research. Banking is key to Jersey’s economy, far outstripping business in any other industry. “This MS Office 2007 vulnerability was exploited in each of these attacks in Australia, Germany, and Jersey, indicating a renewed focus on attacking Windows machines using malicious invoicing and delivery notes,” said Carl Wearn, head of E-Crime and Cyber Investigation at Mimecast.Īt the same time, researchers believe it’s important to take a step back to understand the business implications behind these malware exploits: Germany is Europe’s largest pharmaceutical market, and the fourth-largest in the world according to Germany Trade and Invest. The education sector in Australia also experienced this exploit from July 18-19. In Jersey on July 10, the banking sector was attacked on a higher scale than on any other day and again, the attackers sought to exploit this same vulnerability. Researchers found a wide-ranging malware attack against the chemical and pharmaceutical sector and the government sector in July in Germany of the 4,574 detections on July 18, 73 percent were Trojans with varying degrees of significant obfuscation, and many attempted to take advantage of this particular exploit. While many cyber threats are advanced and multifaceted, however, others take advantage of dated vulnerabilities. These threats will be covered in the Mimecast Threat Intelligence report to be released in November. Increasing variety and volume of attacks via malware is inevitable given the desire of financially – and criminally – motivated actors to obtain personal and confidential information.
Threat intelligence data shows this same exploit is being attacked relentlessly in every region, and this is a significant uptick in normal behaviors.Įvery week, cybersecurity threat intelligence efforts uncover complex, dynamic cyber threats and malware that can be difficult for network defenses to keep up with.
This CVE ID is unique from CVE-2017-11884.” First published in 2017, NIST states, “Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka ‘Microsoft Office Memory Corruption Vulnerability’.
0 kommentar(er)
