New Threat Research: Uncovering Adversarial LDAP Tradecraft

Read Threat Research


TrickBot’s New Spearphishing Tricks

Recently, TrickBot has developed a new, fairly successful lure that poses as a sexual harassment claim filed against their targets. Using information gathered through research of publicly available information about the target, the TrickBot threat actors can make these lures look very legitimate, which makes avoidance difficult. Additionally, the downloaded Microsoft Installer (.msi) file allows the malware to maintain very little detection rates.

Analyst Notes

Always make sure that any document received through email is legitimate. Many anti-virus solutions allow users to individually scan documents and files. If in doubt, opening the file in a VM or on a non-production computer may be best. Additionally, disabling macros from untrusted sources are another good way to stay protected.