Cybercriminals are bypassing Microsoft’s blocking of macros in its Office suite by using alternative files to host malware, according to Proofpoint’s Threat Research Team. The usage of macros in malware campaigns has decreased by around 66% between October 2021 and June 2022, following Microsoft’s introduction of macro-blocking features. However, threat actors are now using container files such as ISO and RAR attachments, and Windows Shortcut files to carry malware, with campaigns doing so rising nearly 175% during that period.
Fake Google Ads Exploit Homebrew In Malware Campaign
Open-source package manager Homebrew has become the latest victim of a malware campaign using false Google ads to compromise user credentials and steal cryptocurrency wallets.