Blueliv Intelligence Briefing
Your cybersecurity news summary
Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.
Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.
Maldoc malware campaign delivering the QakBot/QBot banking trojan through zipping Word documents
This particular campaign features a ZIP file; within the ZIP attachment is a Word document that includes macros within the document. These macros execute a PowerShell script that then downloads the Qakbot payload from specific URLs. This particular campaign also includes two new techniques: a bypass of the content disarm and reconstruction (CDR) technology through zipping the Word document, and a bypass of child-pattern pattern detection because Visual Basic is executed using Explorer. Learn more >