Subj : HTML attachments are more of a security risk than ever - here's w
To   : All
From : TechnologyDaily
Date : Fri May 05 2023 16:15:03

HTML attachments are more of a security risk than ever - here's what you need 
to know

Date:
Fri, 05 May 2023 15:09:40 +0000

Description:
The number of malicious HTML attachments is surging, and businesses need to 
prepare.

FULL STORY
======================================================================

A growing number of emails are arriving loaded with malicious or harmful HTML 
attachments, new research has warned. 

A report from Barracuda found almost half (46%) of HTML attachment in emails 
it scanned was found to be malicious. Barracuda says the Hypertext Markup 
Language (HTML) is growing increasingly popular in phishing, credential 
theft, and other forms of cyberattacks. 

If a recipient opens the HTML file, multiple redirects via JavaScript 
libraries hosted elsewhere will take them to a phishing site or other 
malicious content controlled by the attackers. Users are then asked to enter 
their credentials to access information or download a file that may contain 
malware , Barracuda CTO, Fleming Shi, said in a blog post . Phishing threat 

However, in some cases seen by Barracuda researchers, the HTML file itself 
includes sophisticated malware which has the complete malicious payload 
embedded within it, including potent scripts and executables. This attack 
technique is becoming more widely used than those involving externally hosted 
JavaScript files. 

The CTO also said that the HTML threats are being distributed via countless 
individual attacks, rather than a handful of mass events. 

On March 7, there were 672,145 malicious HTML artifacts detected in total, 
comprising 181,176 different items. This means that around a quarter (27%) of 
the detected files were unique and the rest were repeat or mass deployments 
of those files, Shi said. However, on March 23, almost nine in ten (85%) of 
the total 475,938 malicious HTML artifacts were unique  which means that 
almost every single attack was different. Read more 

> Google is killing off passwords in favor of something new - here's what you 
need to know 


 > Everything you need to know about phishing 


 > Here's our list of the best firewalls around 

The figures are pointing to HTML attachments remaining one of the most common 
ways to deliver malware through email, the blog concludes, saying that its 
pivotal for businesses to have the right security solutions set up. This 
means having effective, AI-powered email protection in place that can 
evaluate the content and context of an email beyond scanning links and 
attachments, it was said. 

Multi-factor authentication, zero-trust access controls, as well as 
automation in response and attack remediation, is also essential to any 
organizations cybersecurity tech stack, right next to employee training, Shi 
concluded. Check out the best endpoint security tools right now



======================================================================
Link to news story:
https://www.techradar.com/news/html-attachments-are-more-of-a-security-risk-th
an-ever-heres-what-you-need-to-know


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.