Dont hold down the ctrl key new warning as cyber attacks confirmed in the uk the national cyber security centre (ncsc) has confirmed that a new wave of cyber attacks is targeting uk businesses. these attacks are sophisticated and are being carried out by state-sponsored actors.

  • Reading time:6 mins read
  • Post category:AntivirusDon
  • Post comments:0 Comments
You are currently viewing Dont hold down the ctrl key new warning as cyber attacks confirmed in the uk the national cyber security centre (ncsc) has confirmed that a new wave of cyber attacks is targeting uk businesses. these attacks are sophisticated and are being carried out by state-sponsored actors.
Representation image: This image is an artistic interpretation related to the article theme.

This new attack, dubbed the “Visio Phishing” attack, exploits the vulnerabilities in Microsoft Visio’s rendering engine to deliver malicious payloads.

Understanding the Visio Phishing Attack

The Visio Phishing attack is a type of two-step phishing attack that leverages the vulnerabilities in Microsoft Visio’s rendering engine to deliver malicious payloads. This attack is particularly concerning because it exploits a widely used and trusted application, making it more difficult for users to recognize and defend against.

How the Attack Works

The attack involves the following steps:

  • The attacker creates a malicious Microsoft Visio file that appears to be a legitimate document or diagram.

    However, the format has been exploited by threat actors to create malicious files that can spread malware and cause system crashes.

    The Rise of.vsdx Format Files as a Malware Vector

    The use of.vsdx format files as a malware vector has gained significant attention in recent years.

    This type of attack is known as “spear phishing” or “whaling.” The attackers use the compromised email accounts to send emails that appear to be from trusted sources, such as CEOs or other high-ranking executives, to trick employees into divulging sensitive information or clicking on malicious links.

    Understanding the Threat

    Phishing attacks have become increasingly sophisticated, and two-step phishing attacks are a particularly insidious form of this threat. These attacks involve a combination of two or more steps, often using social engineering tactics to manipulate employees into divulging sensitive information or clicking on malicious links. The attackers use the compromised email accounts to send emails that appear to be from trusted sources, such as CEOs or other high-ranking executives, to trick employees into divulging sensitive information or clicking on malicious links.

    How Two-Step Phishing Attacks Work

  • The attackers use the compromised email accounts to send emails that appear to be from trusted sources, such as CEOs or other high-ranking executives. The emails are designed to be convincing and may include personal details or references to specific projects or initiatives. The attackers use social engineering tactics to manipulate employees into divulging sensitive information or clicking on malicious links. The emails may also include attachments or links that appear to be legitimate but are actually malicious. ## Identifying the Threat
  • Identifying the Threat

    To identify the threat of two-step phishing attacks, organizations need to be aware of the tactics used by attackers.

    The emails are sent to a large number of recipients, and the sender’s email address is spoofed to appear as if it comes from a legitimate company or organization.

    The Anatomy of a Phishing Email

    The Goal of Phishing Emails

    Phishing emails aim to deceive recipients into divulging sensitive information, such as login credentials, financial data, or personal details. The ultimate goal is to gain unauthorized access to the recipient’s accounts or systems.

    Common Phishing Tactics

  • Urgency: Phishing emails often create a sense of urgency, claiming that the recipient must respond immediately to avoid missing an opportunity or facing consequences. Legitimacy: The sender’s email address is spoofed to appear as if it comes from a legitimate company or organization, making it difficult for recipients to distinguish between genuine and fake emails. Personalization: Phishing emails may contain personalized information, such as the recipient’s name or company name, to increase the sense of legitimacy. * Attachments and Links: Phishing emails often contain attachments or links that, when clicked, can install malware or redirect the recipient to a fake website. ## The Impact of Phishing Emails**
  • The Impact of Phishing Emails

    Financial Consequences

    Phishing emails can result in significant financial losses for individuals and organizations.

    Exploiting Human Psychology to Trick Individuals into divulging Sensitive Information or Performing Certain Actions.

    The Psychology of Social Engineering

    Social engineering is a psychological manipulation tactic used by attackers to trick individuals into divulging sensitive information or performing certain actions. This technique relies on exploiting human psychology, rather than technical vulnerabilities, to achieve its goals. By understanding the psychology behind social engineering, we can better defend against these types of attacks.

    Understanding the Psychology of Social Engineering

    Social engineering is a complex and multifaceted field that draws on various psychological principles. Attackers use a range of tactics, including:

  • Building rapport: Establishing a connection with the target, often through a shared interest or goal. Creating a sense of urgency: Using time pressure or scarcity to prompt the target into action.

    Understanding the Session Cookie Compromise Tactic

    The session cookie compromise tactic is a type of social engineering attack that targets users who have not enabled two-factor authentication (2FA) on their accounts. This tactic relies on the fact that many users rely on their session cookies to remember their login credentials, making it easier for attackers to gain unauthorized access to their accounts.

    How the Attack Works

    The attack typically begins with the attacker sending a phishing email or message to the target user, claiming to be from a trusted source such as a bank or online service provider. The email or message may contain a link or attachment that, when clicked or opened, installs malware on the user’s device.

    The malicious image is loaded into the SVG, and then the HTML and JavaScript are embedded within the SVG. This makes it difficult for the victim to detect the malicious content.

    Understanding the Threat of SVG Phishing Attacks

    SVG phishing attacks are a relatively new and sophisticated form of cyber attack that uses scalable vector graphics to deceive victims into divulging sensitive information or installing malware on their devices.

    Is it a legitimate request or a phishing attempt?

    Understanding the Threat of SVG Attachments

    SVG attachments can be a serious security threat if not handled properly. Here are some reasons why:

  • Malware and viruses: SVG attachments can contain malicious code that can infect your device and compromise your personal data. Phishing attempts: Scammers may send SVG attachments as part of a phishing attempt to trick you into revealing sensitive information. Data breaches: SVG attachments can also be used to steal sensitive data, such as login credentials or financial information. ## The Anatomy of an SVG Attachment**
  • The Anatomy of an SVG Attachment

    To understand the threat of SVG attachments, it’s essential to know what they are and how they work. Here’s a breakdown of the anatomy of an SVG attachment:

  • SVG file: An SVG file is a vector graphics file that contains a series of instructions for rendering an image.
  • Leave a Reply