Recently Corey Nachreiner discussed the LinkedIn breach in a Daily Security Byte. CERT-Bund, the federal computer emergency response team of Germany, now published a warning about targeted e-mails with attached malicious Word documents (faked invoice including Trojan code). The e-mails are personalized using real name and position of a recipient and exactly match information on LinkedIn public profiles, which lead to an assumed connection to the data breach.
Not opening attachments from unknown senders is a good general advise, but as the e-mails are targeted and well written this warning is likely not enough. Having a multi- layered gateway security system like WatchGuard Firebox, allowing in depth scanning of incoming e-mail with AntiSpam, Gateway AntiVirus and Sandbox based analysis using APT Blocker, will further reduce the risk. In addition Fireware Version 11.11 supports blocking Word documents with Macro code – another helpful option in regards to this targeted e-mail attack.
— Jonas Spieckermann
Leave a Reply