Weekly our experts select relevant news in the cybersecurity industry. Over the last two weeks, we saw the “Hackers now use Microsoft OneNote attachments to spread malware”. Also, you will see the “Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network”.

For more articles, check out our #onpatrol4malware blog.

Why your data is more valuable than you may realize

Source: WeLiveSecurity

The data trail you leave behind whenever you’re online is bigger and more revealing than you may think. If you are in some way related to the cybersecurity and/or privacy industries, then you will have heard similar claims. Read more.

Third-Party App Stores Could Be a Red Flag for iOS Security

Source: Security Intelligence

The famously restrictive company will allow third-party app stores for iOS devices, along with allowing users to sideload software directly. While this is good news for app creators and end-users, there is a potential red flag. Read more.

New Mimic Ransomware Abuses Everything APIs for its Encryption Process

Source: TrendMicro

A new ransomware that abuses the APIs of a legitimate tool called Everything, a Windows filename search engine developed by Voidtools that offers quick searching and real-time updates for minimal resource usage. Read more.

Attacking The Supply Chain: Developer

Source: TrendMicro

In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE). Read more.

Hackers now use Microsoft OneNote attachments to spread malware

Source: Bleeping Computer

Threat actors now use OneNote attachments in phishing emails that infect victims with remote access malware which can be used to install further malware, steal passwords, or even cryptocurrency wallets. Read more.

Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network

Source: Sucuri

Every so often attackers register a new domain to host their malware. In many cases, these new domains are associated with specific malware campaigns, often related to redirecting legitimate website traffic to third party sites of their choosing. Read more.

Sliver C2 Leveraged by Many Threat Actors

Source: Cybereason

This particular Threat Analysis report is part of a series named “Purple Team Series”, covering widely used attack techniques, how threat actors are leveraging them and how to detect their use. Read more.