Page 9 - Threat Intelligence 11-27-2019
Social Engineering
Buran Ransomware Infects PCs via Microsoft Excel Web Queries. A new spam campaign has been spotted
distributing the Buran Ransomware through IQY file attachments. When opened, these Microsoft Excel Web
Query attachments execute a remote command that installs the ransomware onto the victim's computer. The
malspam campaign, discovered by security researcher Suspicious Link, pretends to be a simple forward of a
previous email stating that the user should "Print document in attach". The attached document is an IQY file
that, when opened, executes a web query, or remote command, supplied by a remote server, and that command
uses PowerShell to install the Buran Ransomware.
Source: https://www.bleepingcomputer.com/news/security/buran-ransomware-infects-pcs-via-microsoft-excel-web-queries/
Beware, online shoppers! Cybercriminals have registered over 100,000 look-alike domains that resemble
popular retail websites. A recent investigation by Venafi found that cybercriminals have registered more
than 100,000 look-alike domains that closely mimic the legitimate websites of popular retailers. These
look-alike domains use valid TLS certificates to appear safe and trusted. The number has almost doubled
compared to 2018, and the number of TLS certificates used is 400% higher.
These fake domains have been created to target 20 retailers in the U.S., U.K., Germany, France, and Australia.
One of the top U.S. retailers has over 49,500 look-alike domains targeting their customers.
Source: https://cyware.com/news/beware-online-shoppers-cybercriminals-have-registered-over-100000-look-alike-domains-that-resemble-popular-retail-websites-8798ad36
Fake Windows Update Infects Windows Systems with Cyborg Ransomware. Security company Trustwave has
discovered a new malicious campaign that relies on warnings and hoax Windows updates sent via email to
infect devices with the Cyborg ransomware. The attack employs a rather classic approach and starts with an
email sent to potential targets with a fake update attached to the message. The update, which
appears to be using the JPG file extension, is actually an executable file, and once launched, downloads
additional payloads from GitHub.
Source: https://news.softpedia.com/news/fake-windows-update-infects-windows-systems-with-cyborg-ransomware-528220.shtml
CISA issues a security alert for holiday shopping and phishing scams. The Department of Homeland Security’s
Cybersecurity and Infrastructure Security Agency (CISA) has warned U.S. citizens to be wary of malicious
holiday campaigns and scams. The alert comes ahead of the upcoming holiday season. Scams
accelerate during the holiday season as local consumers begin buying gifts and donating to charities. Scammers
perform sufficient research beforehand to launch a variety of fraud activities including credit card fraud and
shipping scams. Apart from stealing personal and financial information, bad actors also leverage holiday scams
to distribute malware. A recently revealed incident included Emotet trojan operators who pushed new spam
templates inviting potential victims to a neighborhood party on Halloween. While those emails promised a
treat, in reality, they were used to trick the targets into installing a malicious payload.
Source: https://cyware.com/news/cisa-issues-a-security-alert-for-holiday-shopping-and-phishing-scams-a87ec459
www.accumepartners.com