Exploits, software that takes advantage of a bug or vulnerability, for Microsoft Office in-the-wild hit the list of cyber headaches in Q1 2018. Overall, the number of users attacked with malicious Office documents rose more than four times compared with Q1 2017.

 

In just three months, its share of exploits used in attacks grew to almost 50% – this is double the average share of exploits for Microsoft Office across 2017. These are the main findings from Kaspersky Lab’s Q1 IT threat evolution report.

 

Attacks based on exploits are considered to be very powerful, as they do not require any additional interactions with the user and can deliver their dangerous code discreetly. They are therefore widely used; both by cybercriminals looking for profit and by more sophisticated nation-backed state actors for their malicious purposes.

 

The first quarter of 2018 experienced a massive inflow of these exploits, targeting popular Microsoft Office software. According to Kaspersky Lab experts, this is likely to be the peak of a longer trend, as at least ten in-the-wild exploits for Microsoft Office software were identified in 2017-2018 – compared to two zero-day exploits for Adobe Flash player used in-the-wild during the same time period.

 

The share of the latter in the distribution of exploits used in attacks is decreasing as expected (accounting for slightly less than 3% in the first quarter) – Adobe and Microsoft have put a lot of effort into making it difficult to exploit Flash Player.

 

 

After cybercriminals find out about a vulnerability, they prepare a ready-to-go exploit. They then frequently use spear-phishing as the infection vector, compromising users and companies through emails with malicious attachments. Worse still, such spear-phishing attack vectors are usually discreet and very actively used in sophisticated targeted attacks – there were many examples of this in the last six months alone.

 

For instance, in autumn 2017, Kaspersky Lab’s advanced exploit prevention systems identified a new Adobe Flash zero-day exploit used in-the-wild against our customers. The exploit was delivered through a Microsoft Office document and the final payload was the latest version of FinSpy malware.

 

Analysis of the payload enabled researchers to confidently link this attack to a sophisticated actor known as ‘BlackOasis’. The same month, Kaspersky Lab’s experts published a detailed analysis of СVE-2017-11826, a critical zero-day vulnerability used to launch targeted attacks in all versions of Microsoft Office. The exploit for this vulnerability is an RTF document containing a DOCX document that exploits СVE-2017-11826 in the Office Open XML parser.

 

Finally, just a couple of days ago, information on Internet Explorer zero day CVE-2018-8174 was published. This vulnerability was also used in targeted attacks.

 

“The threat landscape in the first quarter again shows us that a lack of attention to patch management is one of the most significant cyber-dangers. While vendors usually issue patches for the vulnerabilities, users often can’t update their products in time, which results in waves of discreet and highly effective attacks once the vulnerabilities have been exposed to the broad cybercriminal community,” notes Alexander Liskin, security expert at Kaspersky Lab.

 

Other online threat statistics from the Q1, 2018 report include:

  • Kaspersky Lab solution detected and repelled 796,406,112 malicious attacks from online resources located in 194 countries around the world.
  • 282,807,433 unique URLs were recognized as malicious by web antivirus components.
  • Attempted infections by malware that aims to steal money via online access to bank accounts were registered on 204,448 user computers.
  • Kaspersky Lab’s file antivirus detected a total of 187,597,494 unique malicious and potentially unwanted objects.
  • Kaspersky Lab mobile security products also detected:
    • 1,322,578 malicious installation packages.
    • 18,912 mobile banking Trojans (installation packages)

 

To reduce the risk of infection, users are advised to:

  • Keep the software installed on your PC up to date, and enable the auto-update feature if it is available.
  • Whenever possible, choose a software vendor that demonstrates a responsible approach to a vulnerability problem. Check if the software vendor has its own bug bounty program.
  • Use robust security solution which have special features to protect against exploits, such as Automatic Exploit Prevention
  • Regularly run a system scan to check for possible infections and make sure you keep all software up to date.
  • Business should ues a security solution that provides vulnerability, patch management and exploits prevention components, such as Kaspersky Endpoint Security for Business. The patch management feature automatically eliminates vulnerabilities and proactively patches them. The exploit prevention component monitors suspicious actions of applications and blocks malicious files executions.

 

Read the full version of the Kaspersky Lab’s IT threat evolution report on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 25 May 2018 2:51 PM | 220 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding.... See More
 
Costly Cloud Breaches Putting Digital Transformation Strategies at Risk, Finds Kaspersky Lab
Techworld Date Posted: 2:51 PM | 220 Views
The success of digital transformation projects are being stalled by the fear of the impact and rising costs of breaches associated with “data on the go”. According to new research from Kaspersky Lab, safeguarding...See More

 
The Rise of Thingbots in the Philippines
Techworld Date Posted: 26 October 2017 1:06 PM | 400 Views
Thingbots, botnets built exclusively from IoT devices, are set to become the infrastructure for a future darknet. This is one of the key findings of F5 Networks’s latest report,. See More
 
The Rise of Thingbots in the Philippines
Techworld Date Posted: 1:06 PM | 400 Views
Thingbots, botnets built exclusively from IoT devices, are set to become the infrastructure for a future darknet. This is one of the key findings of F5 Networks’s latest report,See More

PCBG  Writing Staff
Role of Wireless in Cybercrime
Techworld • By: PCBG  Writing Staff | Date Posted: 6 April 2018 3:59 PM | 575 Views
Wi-Fi and Bluetooth® are useful. They are there for a reason: so we can communicate without the need for data coverage. Though much of what we see today with Wi-Fi is good use, sometimes,.... See More
PCBG  Writing Staff
Role of Wireless in Cybercrime
Techworld • By: PCBG  Writing Staff | Date Posted: 3:59 PM | 575 Views
Wi-Fi and Bluetooth® are useful. They are there for a reason: so we can communicate without the need for data coverage. Though much of what we see today with Wi-Fi is good use, sometimes,...See More

 
Are Data Breaches Stressing You Out?
Techworld Date Posted: 12 July 2018 1:11 PM | 278 Views
Common wisdom holds that the most stressful things a person might face in life are moving house, getting fired, or going through a divorce. In the grand scheme of things, stress caused by data.... See More
 
Are Data Breaches Stressing You Out?
Techworld Date Posted: 1:11 PM | 278 Views
Common wisdom holds that the most stressful things a person might face in life are moving house, getting fired, or going through a divorce. In the grand scheme of things, stress caused by data...See More

 
Symantec Simplifies Cloud Migration with Management Center 2.0
Techworld Date Posted: 29 August 2018 3:46 PM | 117 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has announced significant enhancements to Symantec Management Center. The centralized solution manages the network portfolio inside of the Symantec Integrated Cyber Defense Platform, allowing.... See More
 
Symantec Simplifies Cloud Migration with Management Center 2.0
Techworld Date Posted: 3:46 PM | 117 Views
Symantec Corp. (NASDAQ: SYMC), the world’s leading cyber security company, has announced significant enhancements to Symantec Management Center. The centralized solution manages the network portfolio inside of the Symantec Integrated Cyber Defense Platform, allowing...See More

 
Kaspersky Lab Launches Awards Campaign to Increase Awareness on Internet Safety
Techworld Date Posted: 9 August 2017 1:35 PM | 177 Views
Kaspersky Lab has launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet.... See More
 
Kaspersky Lab Launches Awards Campaign to Increase Awareness on Internet Safety
Techworld Date Posted: 1:35 PM | 177 Views
Kaspersky Lab has launched a campaign in Asia Pacific to educate the public and spread awareness on Internet safety. Known as the Goondus Awards, the campaign is inviting submissions from the public on Internet...See More

Rafael Aquino
Lisa Su and the AMD Army
Techworld • By: Rafael Aquino | Date Posted: 7 August 2017 2:53 PM | 264 Views
Lisa Su, in sum, is the current CEO and president of Advanced Micro Devices (AMD). Her leadership has led the company to great heights, and without her ability, AMD might not be where it.... See More
Rafael Aquino
Lisa Su and the AMD Army
Techworld • By: Rafael Aquino | Date Posted: 2:53 PM | 264 Views
Lisa Su, in sum, is the current CEO and president of Advanced Micro Devices (AMD). Her leadership has led the company to great heights, and without her ability, AMD might not be where it...See More

 
PUBG Performance Reveal — GeForce GTX 1060 Recommended for 1080P 60 FPS Gameplay
Techworld Date Posted: 19 December 2017 2:57 PM | 291 Views
On December 20, PLAYERUNKNOWN’S BATTLEGROUNDS (PUBG) exits Early Access and moves to launch status, and over 25 million PC gamers will be looking to set up their PCs for optimal gameplay. See More
 
PUBG Performance Reveal — GeForce GTX 1060 Recommended for 1080P 60 FPS Gameplay
Techworld Date Posted: 2:57 PM | 291 Views
On December 20, PLAYERUNKNOWN’S BATTLEGROUNDS (PUBG) exits Early Access and moves to launch status, and over 25 million PC gamers will be looking to set up their PCs for optimal gameplaySee More

 
Transcend Wins Good Design Award 2018 in Japan
Techworld Date Posted: 16 October 2018 4:22 PM | 58 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, today announced that its JetDrive™ 855 SSD upgrade kit for Mac has won the "Good Design Award 2018" for its practical and.... See More
 
Transcend Wins Good Design Award 2018 in Japan
Techworld Date Posted: 4:22 PM | 58 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, today announced that its JetDrive™ 855 SSD upgrade kit for Mac has won the "Good Design Award 2018" for its practical and...See More

 
The New Smart Watch from PLDT HOME is a Must-have for Kids and Here’s Why
Techworld Date Posted: 18 July 2016 2:19 PM | 445 Views
Are you looking for a useful yet super cool gift for your kid? How about a watch? No, how about a Smart Watch? The Smart Watch from PLDT HOME is the latest, and coolest, gadget for kids,.... See More
 
The New Smart Watch from PLDT HOME is a Must-have for Kids and Here’s Why
Techworld Date Posted: 2:19 PM | 445 Views
Are you looking for a useful yet super cool gift for your kid? How about a watch? No, how about a Smart Watch? The Smart Watch from PLDT HOME is the latest, and coolest, gadget for kids,...See More


Power by

Download Free AZ | Free Wordpress Themes