You are here

Home

Cybersecurity

FBI PIN - Compromised U.S. Academic Credentials Identified Across Various Public and Dark Web Forums

The FBI has published a TLP:WHITE Private Industry Notification (PIN) warning that compromised U.S. academic credentials are being advertised for sale on online criminal marketplaces. Credential harvesting against an entity is often a consequence of spear-phishing, ransomware, or other cyber intrusion tactics. According to the FBI, “The exposure of usernames and passwords can lead to brute force credential stuffing computer network attacks, whereby attackers attempt logins across various internet sites or exploit them for subsequent cyber attacks” such as the deployment of ransomware.

Security Awareness – Phishing Campaign Leveraging QuickBooks Theme

An ongoing phishing campaign is masquerading as the QuickBooks accounting software support team seeking to steal victims’ personal information and likely conduct other malicious activity. In this particular campaign, users receive an email purporting to come from the QuickBooks support team with a warning message stating that QuickBooks is unable to verify account information and the account is about to be suspended.

Threat Awareness – Breaking Down the Emotet Infection Chain as Attacks Continue to Rise

Emotet malware continues to be one of the most prevalent and destructive types of malware targeting organizations today. Thus, understanding Emotet’s infection chain can help network defenders and users protect against this threat. Emotet propagates via email phishing campaigns, using infected devices to send malicious emails to victims. While Emotet typically employs email hijacking, it is also known to leverage other social engineering tactics with the goal of tricking victims into opening a malicious file or link.

Security Awareness – Email Spoofing

Email remains one of the most common attack vectors for threat actors seeking access into an organization’s network infrastructure. One of the more stealthy tactics adversaries employ to fool users into clicking on malicious links or attachments is email spoofing, where an email or link appears to come from a legitimate source but has been modified to obfuscate malicious intent. Some common forms of email spoofing include business email compromise (BEC), legitimate domain spoofing, lookalike domain spoofing, and spear phishing.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins - May 26, 2022

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

Alerts, Updates, and Bulletins:

The Always Anonymized and Aggregated, Verizon’s 2022 Data Breach Investigations Report (2022 DBIR)

The Verizon Data Breach Investigations Report, affectionately known as the “DBIR,” in its 15th annual publication, was released this week. Many of its crunched numbers and astute observations (based on empirical evidence) mirror common findings highlighted in other recently published authoritative reports from CISA and its international cybersecurity partners.

(Update May 26, 2022) – Exploit Code Available for Recently Disclosed VMware Vulnerabilities

Attention: Members using impacted VMware products are strongly encouraged to pass this information along to IT support personnel and/or third party IT/managed service providers to be promptly addressed.

As anticipated, a working proof-of-concept has been developed for CVE-2022-22972. Security researchers have published an analysis report and working exploit. The public disclosure of exploits typically reduces the time to active exploitation by threat actors and increases the risk of compromise posed to devices that remain unpatched.

Security Awareness – Vishing Attacks Increasingly Using Lures to Trick Users into Calling

Vishing (voice phishing) attacks have dramatically increased over the past year, according to a recent cybersecurity report. The latest quarterly report from Agari and PhishLabs found that vishing attacks increased 550 percent in Q1 2022, compared to the year prior. Additionally, the report found that vishing has overtaken business email compromise (BEC) as the second most reported email threat since Q3 2021.

Threat Awareness - Snake Keylogger Propagates Through Malicious PDFs

Security researchers have discovered a new phishing campaign that leverages malicious PDFs and a five-year-old remote code execution (RCE) vulnerability to deliver Snake Keylogger malware to victim devices. Snake Keylogger steals credentials, victim keystrokes, screenshots of victim’s screen, and clipboard data. In this particular campaign, victims’ receive an email named “Remittance Invoice,” with a weaponized PDF attached. When the PDF is opened, Adobe Reader prompts them with a Word document, deceivingly named “has been verified” to trick users into opening it.

Pages

Subscribe to Cybersecurity