Category Archives: Viruses

Newly Disclosed Vulnerability in MS Word Allows Code Execution Without Macros Enabled

Macros in Microsoft Word documents have been used for malware delivery for a long time. Any document that asks you to “Enable Content” should raise a big red flag. However, a newly disclosed vulnerability in Word allows the download and execution of arbitrary malware even when macros are not enabled. Microsoft has no plans to […]

Spambot Forwards Legitimate Emails With Malware Payload Added

The recent detection of the Onliner spam botnet, which uses 80 million compromised email accounts to send spam to 711 million targets, is shocking in its size but not in the techniques used. Spammers have long used compromised email accounts to send spam. This avoids email filtering based on the source IP address. However, a […]

Cloudmark’s Security Threat Report, 2016 Q1

Cloudmark’s Security Threat Report for Q1 of 2016 is now live. This quarter we cover: Characteristics of and methods used in script-based Locky ransomware attacks The Locky family’s explosion onto ransomware scene in Q1 due to aggressive distribution A look at the regions most impacted by Locky Analysis of Locky attacks sent to Japan, the […]

Using DNS for “Local” Threat Intelligence

In a session I attended at the RSA Conference in San Francisco, one of the panelists was asked a question in the Q&A section about detecting malware that stays entirely in memory, i.e. Avoiding detection by never writing itself to disk. The panelist’s answer was insightful; he stated that malware still needs to communicate with […]

Anti-Virus the Cloudmark way

Symantec is now admitting that traditional anti-virus solutions are losing the war against computer malware, according to a recent article in the Wall Street Journal. “Antivirus is dead,” says Brian Dye, Symantec’s senior vice president for information security. . . . hackers increasingly use novel bugs. Mr. Dye estimates antivirus now catches just 45% of […]

Malware spreading by fake Amazon notifications

We’ve recently seen a return of email spam campaign featuring fake Amazon.com notifications. This appeared in the Holiday shopping season last year coming from disposable domains, and is now back, apparently coming from compromised domains in the UK. Here’s an example: Of course, the attachment contains a malicious trojan that allows remote access to Windows […]

Cloudmark’s 2014 Q1 Global Messaging Threat Report

Current events around the world became the focal point of many malicious and innocuous spam campaigns in the email and mobile messaging space this quarter. In Cloudmark’s 2014 Q1 Global Messaging Threat Report we’ve detailed several malicious campaigns that have reverted to a more old fashioned way of distributing malware, email spam, following the arrest […]

Learn More About Cloudmark
Our Products
News and Events
Site Map  •  Privacy Policy  •  ©2002–2017 Cloudmark, Inc.