Cybersecurity

Security Awareness – Current Phishing Campaign Leverages Fake Outlook Web App

A new phishing scam is using the likeness of Microsoft Outlook Web App to steal credentials. Researchers at Mailguard observed a recent phishing campaign from an unknown group of cyber criminals seeking to gain access to user credentials. The email asks users to ‘validate your account’ by clicking on a nefarious link and entering their password. After clicking the link, victims are directed to a mimicked version of the Outlook Web App login page and asked to provide their username and password.

FBI FLASH: APT Group Exploiting 0-day in FatPipe WARP, MPVPN, and IPVPN Software

The FBI has published a TLP:WHITE FLASH examining the activities of an APT group exploiting a zero-day in FatPipe WARP, MPVPN, and IPVPN software. According to the FLASH, APT actors have been observed exploiting this vulnerability going back to at least May 2021. The vulnerability allowed the threat actors “to gain access to an unrestricted file upload function to drop a webshell for exploitation activity with root access, leading to elevated privileges and potential follow-on activity.” The FLASH includes further technical details regarding this activity and lists recommended mitigations.

(TLP:WHITE) EPA and WaterISAC Joint Advisory Regarding Continued Email Account Compromise Incidents Against U.S. Water and Wastewater Systems

During the past year, the FBI has published multiple notifications highlighting the widespread threat of Business Email Compromise (BEC). Likewise, recent sector reports and responses to WaterISAC’s Quarterly Incident Surveys corroborate that water and wastewater systems of all sizes continue being victimized by impersonation-style attacks such as Business Email Compromise, and specifically Vendor Email Compromise (VEC).

The Top Domains that Threat Actors Prefer

Among the thousands of top-level domains (TLDs) available, researchers at Palo Alto Networks have identified the TLDs most widely exploited by threat actors. The researchers discovered that threat actors prefer a small group of 25 TLDs, which account for 90 percent of all malicious websites. Threat actors prefer exploiting the .com and .net TLDs because they appear more legitimate to victims and thus improve success rates. The TLDs that spread the most malware include .ga, .xyz, .cf, .tk, .org, and .ml.

CISA Publishes Cybersecurity Incident and Vulnerability Response Playbooks

The Cybersecurity and Infrastructure Security Agency (CISA) just released two playbooks for federal executive branch agencies to serve as guides on how “to respond to vulnerabilities and incidents” impacting their networks. The playbooks provide operational guidelines for planning and conducting cybersecurity incident and vulnerability response activities. Illustrated decision trees and step-by-step instructions for both incident and vulnerability response are also included. The new operational procedures fulfill the directives issued to CISA by the White House’s Executive Order 14028.

FBI Portal Suffers Compromise

The notion that every organization is vulnerable to a cyber attack gained further credence this weekend when the FBI suffered a breach to one of its email servers. On Friday, a threat actor exploited a software vulnerability in the FBI’s Law Enforcement Enterprise Portal (LEEP), which is used for communication with state and local law enforcement partners, disseminating over 100,000 fraudulent emails. The adversary discovered the misconfiguration in the LEEP portal’s registration process, allowing them to send out emails from an fbi.gov address.

Infrastructure Bill With New Resilience and Cybersecurity Provisions Headed to White House

In the coming days President Joe Biden is expected to sign into law H.R. 3684, the Infrastructure Investment and Jobs Act. The measure will provide $550 billion in new infrastructure spending over the next five years, including nearly $50 billion for selected drinking water and wastewater programs at EPA.
