FileFix: The New Social Engineering Attack Building on ClickFix Tested in the Wild

Check Point Research identifies how the new social engineering technique, FileFix, is being actively tested by threat actors in the wild. Attackers have long exploited human trust as a primary attack surface, and they’re doing it again with a new technique called FileFix. FileFix is a recently uncovered social engineering attack that builds on the widely abused ClickFix tactic. Unlike ClickFix, which tricks users into running malicious commands via the Windows Run dialog, FileFix takes a subtler approach: it opens a legitimate Windows File Explorer window from a webpage and silently loads a disguised PowerShell command into the user’s clipboard. […]

The post FileFix: The New Social Engineering Attack Building on ClickFix Tested in the Wild appeared first on Check Point Blog.



from Check Point Blog https://ift.tt/7w9OgoT
via
-
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Check Point Cyber Security Now Available Across All Levels of U.S. Government

We’re proud to announce that Check Point has earned GovRAMP Authorization for the Check Point Infinity Platform for Government. This is a b...

  • IT threat evolution Q2 2018
    Targeted attacks and malware campaigns Operation Parliament In April, we reported the workings of Operation Parliament , a cyber-espionag...
  • Application Control in the World of Cloud and Shadow IT
    Cloud solutions are proliferating rapidly. Sometimes it seems like the pace is too fast, and is coming at the expense of security considerat...
  • CISO DACH Summit
    Hacker attacks are increasingly in the media, security issues in cloud computing remain unanswered and cybercriminals develop more complex a...