Error message

  • Notice: Undefined offset: 5 in user_node_load() (line 3604 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).
  • Notice: Trying to get property of non-object in user_node_load() (line 3604 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).
  • Notice: Undefined offset: 5 in user_node_load() (line 3605 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).
  • Notice: Trying to get property of non-object in user_node_load() (line 3605 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).
  • Notice: Undefined offset: 5 in user_node_load() (line 3606 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).
  • Notice: Trying to get property of non-object in user_node_load() (line 3606 of /home/ewg56ffgqu3p/public_html/modules/user/user.module).

News

Why document-borne malware needs to be back on the radar for organization - Tuesday, June 24, 2025 - 04:50

The cybersecurity profession is always on high alert for new attack tactics as criminal groups adapt to overcome improved defenses against phishing and ransomware. But alongside the new innovations, some old-school tactics appear to be evolving making a comeback – or rather they never quite went away.

Document-borne malware is one such tactic. Once considered a relic of early cyber warfare, this method continues to pose a significant threat, particularly for organizations handling large volumes of sensitive information, such as those in critical infrastructure.

The appeal for attackers is clear. Everyday files - Word documents, PDFs, Excel spreadsheets - are inherently trusted and flow freely between businesses, often through cloud-based platforms. With modern security more focused on endpoints, networks, and email filtering, these seemingly mundane files can act as the ideal Trojan horse.

Understanding this evolving risk is key to stopping seemingly innocuous documents before they can wreak havoc.

Why are cybercriminals still using document-borne malware?

On the surface, attacks using malicious documents feel like a bit of a throwback. It’s a tactic that’s been around for decades at this point, however, that doesn’t make it any less dangerous for organizations.

Still, while the concept is nothing new, threat groups are modernizing it to keep it fresh and bypass standard security controls. This means the seemingly old-school tactic is still a threat even for the most security-conscious sectors.

As with other email-based tactics, attackers typically seek to hide in plain sight. Most attacks use common file types such as PDFs, Word documents, and Excel spreadsheets as malware carriers. The malware is usually hidden in macros, embedded in scripts such as JavaScript within PDFs, or hidden with obfuscated file formats and layers of encryption and archiving.

These unassuming files are coupled with popular social engineering techniques, such as a supplier invoice or customer submission form. Email attack tactics, such as spoofed addresses or compromised accounts, further camouflage the malicious content.

The rise of cloud-based collaboration tools has increased the attack surface. We’re all used to receiving any number of emails throughout the day with links to SharePoint, Google Docs, and other common platforms. This makes it harder to detect malicious files before they enter networks.

What makes document-borne malware particularly dangerous for critical infrastructure?

Most attacks seek to breach networks unnoticed to maximize their impact and eventual rewards. The potential gains for exfiltrating sensitive data or shutting down a system means groups are willing to invest more time and resources in trying new tactics that can pass unnoticed.

Further, document-borne attacks are all about blending into the background. For example, in the financial sector, the ecosystem offers plenty of opportunities with the thousands of incoming documents from customers, suppliers, and partners daily. Most firms have a constant inflow of financial statements, loan applications, compliance paperwork, and myriad other files entering their system.

If opened, a single malicious document can spread malware across critical networks. Attackers leverage document-based threats to deploy ransomware, steal credentials, or exfiltrate sensitive data, so one wrong click can come with catastrophic consequences, especially for critical sectors that rely heavily on a reputation for trust and reliability.

Strict regulatory compliance demands can raise the stakes further and, depending on their region and function, firms could fall under the remit of the GDPR, DORA, NIS2, and more. Failing to meet these demands can result in severe financial penalties and a significant blow to the firm’s reputation.

Why are organizations struggling to defend against these threats?

From our experience, document security is often overlooked in favor of other areas like network perimeter and endpoint protection. Document-borne attacks are mundane enough to slip down the priorities list but advanced enough to defeat most standard security tools.

Security teams may lack the visibility or tools to inspect and sanitize every incoming file, particularly in fast-moving digital workflows.

There tends to be an over-reliance on signature-based antivirus solutions, which often fail to detect modern document-borne threats. While security teams are typically aware of malicious macros, formats like ActiveX controls, OLE objects, and embedded JavaScript may not be on the radar.

Attackers have also latched onto the fact there is a significant mental blind spot around documents seemingly delivered through familiar cloud-based channels. Even when employees have received phishing awareness training, there is a tendency to automatically trust a document coming in through an expected source like Google or Office 365.

What steps should businesses take to mitigate document-borne malware risks?

As with most evolving cyberattack tactics, a multi-layered strategy is the key to fending off document-borne threats.

One key step is adopting a multi-engine approach to malware scanning. While threat actors may be able to fool one detection engine, having multiple different tools will improve the chances of catching hidden malware and reduce false negatives.

Content Disarm and Reconstruction (CDR) tools are another important element. These sanitize and remove malicious macros, scripts, and active content while preserving document integrity. Suspect files can then be run through advanced standboxes to identify previously unknown threats by detecting their malicious behavior whilst in a contained environment.

The network should also be set with strict file policies, restricting high-risk file types and enforcing user authentication before document uploads. Setting file size limits can also help catch malicious documents where hidden code has made them larger than normal.

Efficiency and reliability are also key here. Organizations need to be able to identify malicious documents hiding in their typical incoming traffic, but without disrupting a workflow that customers expect to be fast and consistent.

Stronger email security measures will also help to detect and block malicious attachments before they reach users. Moving away from signature-based detection and towards behavioral analytics will improve the chances of catching out attackers posing as trusted contacts and services.

Including document-based threats in employee awareness efforts will also help staff spot signs like unexpected macros and spoofed invoices in case they make it through other measures. In particular, more scrutiny is needed for files shared through cloud platforms.

Companies should adopt a zero trust mindset, treating every incoming file as a potential threat until it has been scanned and sanitized.

We list the best document management software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
Amazon reveals huge £40 billion UK investment in major cloud, AI and jobs boost - Tuesday, June 24, 2025 - 04:52
  • Amazon's three-year plan includes £40 billion in UK investment
  • "Thousands" of jobs set to be created across new and upgraded sites
  • Most of the benefits will be seen in regions typically overlooked by such investments

Amazon has announced plans to invest £40 billion into the UK over a three-year period spanning between 2025 and 2027.

The multi-billion pound investment will fund the expansion of Amazon's operations within the UK, leading to more jobs, boosting national GDP and strengthening the infrastructure that Amazon relies on (and therefore other UK consumers and businesses).

The huge sum isn't insignificant – the UK is Amazon's third-largest market, after the US and Germany, two nations that have already seen billions in investments spanning both ecommerce infrastructure and sovereign cloud efforts.

UK Amazon investment

Boasting of its position as a top-10 private sector employer across the UK, with more than 75,000 citizens part of its workforce, Amazon said its latest investment would create thousands more jobs, the "vast majority" of which should be away from London and the South East.

Four new Amazon fulfilment centers are in the pipeline, including two in the East Midlands, one in Hull and a further one in Northampton - with the latter two anticipated to generate 2,000 jobs each.

The company also declared its investment would be nearly matched when it comes to boosting the UK's GDP, which Amazon anticipates adding £38 billion to the UK economy.

Besides adding further delivery stations across the UK, Amazon also plans to upgrade more than 100 operational buildings and open two more at its East London corporate HQ.

Promising a minimum salary of £28,000 for full-time workers (and £30,000 in London), robotics technicians, safety experts and mechatronic engineers will be among the more than 60 roles offered by the company as part of its huge investment.

"When Amazon invests, it’s not only in London and the South East – we’re bringing innovation and job creation to communities throughout England, Wales, Scotland, and Northern Ireland, strengthening the UK’s economy and delivering better experiences for customers wherever they live," noted Amazon CEO Andy Jassy.

UK Prime Minister Keir Starmer welcomed the "thousands of new jobs," which he described as offering "real opportunities for people in every corner of the country to build careers, learn new skills, and support their families."

“Amazon’s £40 billion investment adds another major win to Britain’s basket and is a massive vote of confidence in the UK as the best place to do business.," he added.

You might also like
Thousands of PCs, phones and tablets stolen and lost by UK public sector bodies prompting fears of huge national security risk - Tuesday, June 24, 2025 - 05:22
  • Device loss from UK governmental departments tops 2000 in just one year
  • Experts fear stolen devices could provide entry points for hackers
  • Phone and tablet thefts pose risk despite widespread encryption

Have you ever lost a phone or computer and worried about what someone might find on it?

Thousands of devices have gone missing from UK government departments in the past year, raising serious concerns about cybersecurity and data protection.

Analysis by The Guardian, based on freedom of information disclosures, found the government lost over 2,000 laptops, phones and tablets in the past 12 months, with a replacement cost estimated at around £1.3m.

Surprisingly large numbers

The Department for Work and Pensions, Ministry of Defence, and the Cabinet Office each reported hundreds of missing tech items.

The Ministry of Defence alone recorded 103 missing laptops and 387 phones in just five months of 2025. Other departments affected included HM Treasury, the Bank of England, and the Home Office.

“We treat all breaches of security very seriously and we require all suspected breaches to be reported. All incidents are subjected to an initial security risk assessment, with further action taken on a proportionate basis," an MoD spokesperson said.

Playing down fears, the defence department added, “Encryption on devices ensures any data is safeguarded and prevents access to the defence network.”

This sentiment was echoed by the Bank of England, which said it “takes the security of devices and data very seriously and has suitable protection in place.”

The same official line was trotted out by a government spokesperson who said, “We take the security of government devices extremely seriously, which is why items such as laptops and mobile phones are always encrypted so any loss does not compromise security.”

Professor Alan Woodward, a cybersecurity expert at the University of Surrey, wasn’t quite so reassured, telling The Guardian, “These are surprisingly large numbers. When you are talking about so many [it creates] a large attack surface [for hackers]. If 1% were system administrators who had their phones stolen, that’s enough to get in.”

He added, “If devices were open when stolen, as frequently happens with phones snatched on the street, criminals could keep them open and drill down into the device and once the phone is open, by design it is readable and accessible.”

You might also like
The Google Pixel 10 Pro Fold could be the first foldable to get a much-needed durability feature - Tuesday, June 24, 2025 - 05:34
  • The Google Pixel 10 Pro Fold could be the first foldable phone with an IP68 rating
  • This would give it more dust resistance than other foldables
  • It might also have a slimmer hinge and a bigger cover screen than its predecessor

The best foldable phones have come a long way in recent years, but they still trail conventional handsets when it comes to dust resistance. That could change, though, with the Google Pixel 10 Pro Fold.

According to Android Headlines, Google's next foldable will have an IP68 rating. That’s the same rating as you’ll find on high-end handsets like the Samsung Galaxy S25 Ultra and iPhone 16 Pro, and it means the phone will be dust-tight and water resistant to depths of up to 1.5 meters for 30 minutes.

It’s a fairly standard feature on the best candybar phones, but it isn’t something you’ll find on any foldable phones at present, despite these usually being among the most expensive phones you can buy.

The Google Pixel 9 Pro Fold, for example, has an IPX8 rating, meaning it has the same level of water resistance but no dust resistance at all. The Samsung Galaxy Z Fold 6 does a bit better with an IP48 rating, meaning it’s good for water resistance and has some dust resistance, but it's only protected against things that are bigger than 1mm.

So, if this leak is accurate, then the Google Pixel 10 Pro Fold could be the first foldable phone that’s properly protected against dust – though it’s possible that another upcoming foldable, such as the Samsung Galaxy Z Fold 7, could beat it to that title, since Samsung’s phone will probably launch sooner.

A slimmer hinge and a bigger screen

The Google Pixel 9 Pro Fold (Image credit: Techradar / Zachariah Kelly)

In any case, this report also claims that the Google Pixel 10 Pro Fold will have a slimmer hinge than its predecessor, which will allow the phone as a whole to also be thinner. They don’t say how thin, but for reference, the Pixel 9 Pro Fold is 5.1mm thick when unfolded and 10.5mm thick when folded.

Additionally, the Pixel 10 Pro Fold’s cover screen will apparently be slightly bigger at 6.4 inches (up from 6.3 inches on the current model).

This is all reassuring to hear, because previous Pixel 10 Pro Fold leaks suggest that not much else might be getting improved. So, at least if this latest information is correct, there could be some reasons to upgrade.

We might find out exactly what the Pixel 10 Pro Fold has to offer on August 20, as leaks suggest that’s when it will land, with the phone likely to launch alongside the rest of the Google Pixel 10 series.

You might also like
Uber Launches Waymo Driverless Rides in Atlanta. Here's How to Hail a Robotaxi - Tuesday, June 24, 2025 - 07:00
The companies are launching self-driving rides across 65 square miles of Atlanta, with plans for future expansions.
I Love Lenovo's Latest ThinkPad X1 Carbon but Was Shocked at the Cost of Upgrades - Tuesday, June 24, 2025 - 07:00
The little laptop is extremely light and long-running, making it a great pick for road warriors. But, Lenovo, you want how much for an OLED display?
6 Fabrics That Will Keep You Fashionably Cool in the Summer Heat - Tuesday, June 24, 2025 - 07:17
Now that summer is here, it's time to stock up on cooling clothing made from fabrics that will help you beat the heat.
Fewer Identity Theft Reports, Larger Losses: Here's What to Make of Latest Research - Tuesday, June 24, 2025 - 07:45
Experts say criminals might just be using AI and other tech to get better at picking victims.
Google Earth Is Turning 20, and the Digital Globe Has 2 Handy New Features for You - Tuesday, June 24, 2025 - 08:00
Explore new features coming to Google Earth and take a look back at the major milestones of the platform since 2005.
Dealing With Spotty Internet? A Network Switch Might Fix It - Tuesday, June 24, 2025 - 08:00
Should you consider investing in a network switch? Here’s why it might help optimize your home internet connection and bring you faster speeds.
This New Smart Lock From Yale Pairs With Video Doorbells in Ways I Haven't Seen Before - Tuesday, June 24, 2025 - 08:00
The latest Matter-powered lock from Yale has a new design and features made specifically for the Google Nest Doorbell -- here's why I'm interested.
Rocket Money Review 2025: CNET's Editor's Choice Winner for Best Budgeting App - Tuesday, June 24, 2025 - 08:00
Our top budgeting app pick is easy to use, has tons of useful features and has an affordable price tag.
Monarch Money Review 2025: Best Budgeting App for Couples - Tuesday, June 24, 2025 - 08:00
Take the stress out of managing joint finances, from setting savings goals to tracking your investments.
I Tried ExpressVPN’s New Mobile App. It Made My Favorite VPN Even Easier to Use - Tuesday, June 24, 2025 - 08:00
It’s not perfect, but there’s a lot to like about ExpressVPN’s new mobile app on Android and iOS.
I Tried Using These 2 AI Tools to DJ My Parties. A Real Person Is Better - Tuesday, June 24, 2025 - 08:13
Song selections and transitions can be streamlined with in-the-moment input. But organically mixing beats is something only a human really gets right.
My 7 Easy Steps to Protect Your Home Security Cameras From Hackers - Tuesday, June 24, 2025 - 09:00
Your security cameras are safer than ever, but if you're still worried about someone invading them, here's what to do.
I Wish Meta and Microsoft's New Quest 3S Xbox Edition Was More Than Just a New Color - Tuesday, June 24, 2025 - 09:00
The limited edition Quest headset is basically a black Quest with an Xbox controller and a fancy head strap. Will Microsoft be planning more with this Xbox-to-VR overlap beyond GamePass?
Is 10,000 Steps Enough? This Daily Fitness Goal May Not Be for Everyone - Tuesday, June 24, 2025 - 09:00
Walking is a daily, low-impact exercise and a great way to stay active. But how many steps will keep you fit?
Pro Tips: How to Charge Your Battery-Powered Wireless Security Cameras - Tuesday, June 24, 2025 - 09:13
Most wireless security cameras come with reliable rechargeable batteries, but knowing these simple tips will make your life easier.
Here's How You Can Get Paid From AT&T's $177M Data Breach Settlement - Tuesday, June 24, 2025 - 10:09
The telecom giant will pay out $177 million in relation to two recent data breaches affecting current and former customers.

Pages