You are here

Home » Cybersecurity

Cybersecurity

Security Awareness – Email Spoofing

Email remains one of the most common attack vectors for threat actors seeking access into an organization’s network infrastructure. One of the more stealthy tactics adversaries employ to fool users into clicking on malicious links or attachments is email spoofing, where an email or link appears to come from a legitimate source but has been modified to obfuscate malicious intent. Some common forms of email spoofing include business email compromise (BEC), legitimate domain spoofing, lookalike domain spoofing, and spear phishing.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - May 26, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

The Always Anonymized and Aggregated, Verizon’s 2022 Data Breach Investigations Report (2022 DBIR)

The Verizon Data Breach Investigations Report, affectionately known as the “DBIR,” in its 15th annual publication, was released this week. Many of its crunched numbers and astute observations (based on empirical evidence) mirror common findings highlighted in other recently published authoritative reports from CISA and its international cybersecurity partners.

(Update May 26, 2022) – Exploit Code Available for Recently Disclosed VMware Vulnerabilities

Attention: Members using impacted VMware products are strongly encouraged to pass this information along to IT support personnel and/or third party IT/managed service providers to be promptly addressed.

As anticipated, a working proof-of-concept has been developed for CVE-2022-22972. Security researchers have published an analysis report and working exploit. The public disclosure of exploits typically reduces the time to active exploitation by threat actors and increases the risk of compromise posed to devices that remain unpatched.

Security Awareness – Vishing Attacks Increasingly Using Lures to Trick Users into Calling

Vishing (voice phishing) attacks have dramatically increased over the past year, according to a recent cybersecurity report. The latest quarterly report from Agari and PhishLabs found that vishing attacks increased 550 percent in Q1 2022, compared to the year prior. Additionally, the report found that vishing has overtaken business email compromise (BEC) as the second most reported email threat since Q3 2021.

Threat Awareness - Snake Keylogger Propagates Through Malicious PDFs

Security researchers have discovered a new phishing campaign that leverages malicious PDFs and a five-year-old remote code execution (RCE) vulnerability to deliver Snake Keylogger malware to victim devices. Snake Keylogger steals credentials, victim keystrokes, screenshots of victim’s screen, and clipboard data. In this particular campaign, victims’ receive an email named “Remittance Invoice,” with a weaponized PDF attached. When the PDF is opened, Adobe Reader prompts them with a Word document, deceivingly named “has been verified” to trick users into opening it.

CISA’s FY21 Risk and Vulnerability Assessments – Phishing Lingers, but Use of Valid Accounts Leads Initial Access Techniques

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) released its Analysis of FY21 Risk and Vulnerability Assessments along with an infographic mapping to the MITRE ATT&CK® Framework of 112 Risk and Vulnerability Assessments (RVAs) conducted in Fiscal Year 2021.

Threat Awareness – Emotet Most Active Malware of Q1 2022

The infamous Emotet malware was the most common type of malware observed in the first quarter of 2022, according to analytics from the HP Wolf Security threat research team. The researchers found a 28-fold increase in detections resulting from Emotet malicious spam campaigns compared to the fourth quarter of 2021. Emotet represents 9 percent of all malware analyzed by the researchers. The Cybersecurity and Infrastructure Security Agency (CISA) described Emotet as one of the most destructive and costly malware to remediate.

Pages

Subscribe to Cybersecurity