Oct 17 / Admin

New Scam Alert: New Phishing Campaign Uses Office Docs to Install Cobalt Strike Beacon

KnowBe4 reported:

Under the guise of determining applicant eligibility for a U.S. federal government job, this latest phishing attack plants the seed for a future attack on the victim organization.

The initial vector of this attack is a phishing email with a malicious Microsoft Word document attachment containing an exploit that attempts to exploit the vulnerability CVE-2017-0199, a remote code execution issue in Microsoft Office. If a victim opens the maldoc, it downloads a malicious Word document template hosted on an attacker-controlled Bitbucket repository.

The inflection point in this attack lies with the victim user, who is most definitely not thinking about whether the assistance email (and its Word doc attachment) are malicious in nature or not.

Find out more with the original article here.
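
For defenders, the remote-template step in the report can be checked for before a document is ever opened. The script below is an added example, not code from KnowBe4 or the original article. It assumes the attachment is an OOXML (.docx) package and flags relationship entries that make Word load an external template or OLE object; the sample package and the `repo.example.invalid` URL are constructed for the demonstration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

REL_NS = "{http://schemas.openxmlformats.org/package/2006/relationships}"
REL_BASE = "http://schemas.openxmlformats.org/officeDocument/2006/relationships/"
# Relationship types that cause Word to fetch and load remote content on open.
RISKY_TYPES = ("attachedTemplate", "oleObject")
MAX_RELS_SIZE = 1_000_000  # refuse oversized .rels parts (zip-bomb guard)

def external_references(docx_bytes):
    """Return (part, rel_type, target) for each risky external relationship."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".rels"):
                continue
            if info.file_size > MAX_RELS_SIZE:
                findings.append((info.filename, "oversized", ""))
                continue
            try:
                # For untrusted mail in production, use a hardened parser
                # such as defusedxml instead of the stdlib one.
                root = ET.fromstring(zf.read(info))
            except ET.ParseError:
                findings.append((info.filename, "unparseable", ""))
                continue
            for rel in root.iter(REL_NS + "Relationship"):
                rel_type = rel.get("Type", "").rsplit("/", 1)[-1]
                if rel.get("TargetMode") == "External" and rel_type in RISKY_TYPES:
                    findings.append((info.filename, rel_type, rel.get("Target", "")))
    return findings

def build_sample(template_target=None):
    """Constructed minimal .docx-like package, for demonstration only."""
    rels = '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
    if template_target:
        rels += (f'<Relationship Id="rId1" Type="{REL_BASE}attachedTemplate" '
                 f'Target="{template_target}" TargetMode="External"/>')
    # An ordinary external hyperlink, which must not be flagged.
    rels += (f'<Relationship Id="rId2" Type="{REL_BASE}hyperlink" '
             'Target="https://example.com/" TargetMode="External"/></Relationships>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document xmlns:w='urn:x'/>")
        zf.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()
```

A mail gateway or triage script can call `external_references()` on each attachment's bytes and quarantine anything that returns a non-empty list.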
