Blueliv Intelligence Briefing

Your cybersecurity news summary

Monday,   September 7th,   2020

Welcome to today’s intelligence briefing, covering noteworthy items on the cybersecurity news agenda.

Find these stories on the Blueliv Threat Exchange Network, a global community of thousands of cybersecurity experts, IT professionals and academics. Membership is free.

Read the latest research blogs from the Blueliv Labs team.

Malware gang uses .NET library to generate Excel docs that bypass security checks

A newly discovered malware gang is using a clever trick to create malicious Excel files that have low detection rates and a higher chance of evading security systems. This malware gang, named Epic Manchego, has been active since June, targeting companies all over the world with phishing emails that carry a malicious Excel document. But these are not your standard Excel spreadsheets. The malicious Excel files have been bypassing security scanners with low detection rates. The malicious Excel files appear to be compiled with EPPlus into a Office Open XML (OOXML) format. This way, the files lack a specific portion of VBA code that some antivirus and email scanners look for in order to find signs of malware. Learn more >

Demo Free Trial MSSP
Program