April 19, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – CVE-2020-0674 – Unpatched Internet Explorer Browser Zero-Day
January 20, 2020Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
January 20, 2020Rewterz Threat Advisory – CVE-2020-0674 – Unpatched Internet Explorer Browser Zero-Day
January 20, 2020Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
January 20, 2020
Severity
High
Analysis Summary
Emotet is back from holiday after 3 weeks break and currently targeting 81 countries with spam emails with heavily targeting US and it’s neighboring countries. Threat actors using different email templates to lure users to click on the malicious links which includes subjects like invoices, reports, invite to holiday or even great thunberg climate change support requests.By clicking the malicious links will install emotet trojan.
Every spam email campaign when clicked will be delivered a message will be presented with a message stating that this “document only available for desktop or laptop versions of Microsoft Office Word.” It then prompts the user to click on ‘Enable editing’ or ‘Enable Content’ to view the document.
When a user opens the document, malicious macros will be executed that download the Emotet trojan from a remote server and executes it.
Impact
Exposure of sensitive information
Remediation
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.