Malware Meets SysAdmin – Automation Tools Gone Bad

This post was authored by Alex Chiu and Xabier Ugarte Pedrero.

Talos recently spotted a targeted phishing attack with several unique characteristics that are not normally seen. While we monitor phishing campaigns used to distribute threats such as Dridex, Upatre, and Cryptowall, targeted phishing attacks are more convincing because the format of the message is personalized to the targeted user. This targeted attack was more difficult to detect because adversaries chose to leverage AutoIT, a well-known freeware administration tool for automating system management [...]

from Cisco Blog » Security http://ift.tt/1Jh9Txl