FBI Says Its System Was Exploited to Email Fake Cyberattack Alert
The alert was mumbo jumbo, but it was indeed sent from the bureau’s
email system, from the agency’s own internet address.
[...]
Web Security
Articles targeted at Web App Security, hacks, guides, how to’s and the latest vulnerabilities.
Top 10 Cybersecurity Best Practices to Combat Ransomware
Immutable storage and more: Sonya Duffin, data protection expert at Veritas Technologies, offers the Top 10 steps for building a multi-layer resilience profile.
[...]
Mac Zero Day Targets Apple Devices in Hong Kong
Google researchers have detailed a widespread watering-hole attack that installed a backdoor on Apple devices that visited Hong Kong-based media and pro-democracy sites.
[...]
Congress Mulls Ban on Big Ransom Payouts
A bill introduced this week would regulate ransomware response by the country’s critical financial sector.
Source: Threat Post – Web Security –
[...]
Tiny Font Size Fools Email Filters in BEC Phishing
The One Font BEC campaign targets Microsoft 365 users and uses sophisticated obfuscation tactics to slip past security protections to harvest credentials.
[...]
Critical Citrix Bug Shuts Down Network, Cloud App Access
The distributed computing vendor patched the flaw, affecting Citrix ADC and Gateway, along with another flaw impacting availability for SD-WAN appliances.
Source:
[...]
Massive Zero-Day Hole Found in Palo Alto Security Appliances
Researchers have a working exploit for the vulnerability (now patched), which allows for unauthenticated RCE and affects an estimated 70,000+ VPN/firewalls.
Source:
[...]
Microsoft Nov. Patch Tuesday Fixes Six Zero-Days, 55 Bugs
Experts urged users to prioritize patches for Microsoft Exchange and Excel, those favorite platforms so frequently targeted by cybercriminals and nation-state actors.
[...]
Not Punny: Angling Direct Breach Cripples Retailer for Days
A U.K. fishing retailer’s site has been hijacked and redirected to Pornhub.
Source: Threat Post – Web Security – Not Punny: Angling
[...]
12 New Flaws Used in Ransomware Attacks in Q3
The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2
[...]