20% of newly registered domain names are malicious
Research shows that 20% of all registered domain names have been registered for malicious purposes in the past six months. It is now known that certain malware and phishing attacks can be prevented because cybersecurity software can identify a malicious domain name. This fact then leads to cyber criminals switching domain names very often, and thus many malicious domain names are registered. So do not blindly trust antivirus that works with such software, it is only a matter of time until an employee lands on a site of a newly registered domain name that is not (yet) recognized by antivirus.
Phising scams targeting corporate mailboxes hit new records
There is a new record in terms of amount of phishing scams since 2020. It looks like this will continue to grow. In recent years, much attention has been paid to protecting login details, cyber criminals have focused on so-called response-based scams. With these tricks, contact is first made with the (future) victim via well-known social media (such as Linkedin or Whatsapp). The cybercriminal invests time in multiple conversations with the victim and thus builds a bond. Only after a relationship of trust is established are the (login) data extracted from the victim.
Hackers use a new trick in PowerPoint to infect systems with malware
Russian hacking group APT28 has recently started using mouse movements in Microsoft PowerPoint document decoys to deploy malware, according to analysis of malicious code found. The technique is designed to be activated when the user enters presentation mode and moves the mouse. The code execution runs a PowerShell script that downloads and runs a OneDrive dropper. The system is then infected with malware.
