"New Form of Cyber-Attack Targets Energy Sector"
Energy companies are being targeted by a new form of spear-phishing attack. CyberInt has discovered this attack to be difficult to detect as the distributed “lure” email consisting of an attached Word document does not contain any malicious code, making it undetectable by defenses implemented for monitoring incoming email. Alternatively, when the Word document is loaded, its template reference connects to an attacker’s server using Server Message Block (SMB), which allows a Word template containing embedded malicious payloads to be downloaded. This article further discusses other discoveries about this attack and other incidents of cyberattacks targeting critical infrastructures.
Infosecurity Magazine reports "New Form of Cyber-Attack Targets Energy Sector"