Hackers and malware distributors have been adapting in response to recent announcements by Google and other email vendors that they are blocking JavaScript and other attachment types that are widely used for malicious activity but rarely used for legitimate purposes. Lately these criminals have been switching to file types like .lnk and .svg, the latter being very difficult to block because it is a widely used graphics format.
Microsoft’s TechNet reported that these new malware distributions use PowerShell scripting within the .lnk and .svg files, which can even bypass certain restrictions put in place on PowerShell remote execution. TechNet does say that the current Windows 10 and Windows Defender should protect against such attacks, but admits that the flexibility these malware authors have programmed in lets them change the payload, and how that payload is executed, on a daily basis.
In this ever-changing security game of cat and mouse, it seems that the predators are staying one step ahead of us. This goes to show that no matter your level of protection with firewalls and antivirus defenses, you still need to retain an excellent Disaster Recovery Solution like Idealstor’s Flashback. Having a true Business Continuity Solution can save your business from costly downtime and even more expensive data loss.