Cybersecurity

Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Cofense detected a surge in the abuse of LinkedIn Smart Links in phishing attacks allowing actors to bypass protection measures and evade detection. “Smart Links are part of LinkedIn's Sales Navigator service, used for marketing and tracking, allowing Business accounts to email content using trackable links to determine who engaged with it. Also, because Smart Link uses LinkedIn's domain followed by an eight-character code parameter, they appear to originate from a trustworthy source and bypass email protections” (Bleeping Computer, 2023).

Read more about Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Don’t Dismiss DDoS Defense

Google says it mitigated a series of DDoS attacks reaching a peak of 398 million requests per second (rps), which is nearly 9 times bigger than the largest-recorded DDoS attack last year, peaking at 46 million rps. The latest set of attacks started in August and are still ongoing. According to Google, the attacks rely on a novel technique dubbed “Rapid Reset” which leverages stream multiplexing, a feature of the widely adopted HTTP/2 protocol.

Read more about Don’t Dismiss DDoS Defense

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 12, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Nineteen Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 12, 2023

FBI and CISA Release Update on AvosLocker Advisory

Members are encouraged to review this update for newly observed IOCs and TTPs not included in the previous advisory and a YARA rule FBI developed after analyzing a tool associated with an AvosLocker compromise.

Read more about FBI and CISA Release Update on AvosLocker Advisory

Supplemental Cyber Highlights – October 10, 2023

The following posts are useful for general awareness of current threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – October 10, 2023

Ransomware Awareness – HelloKitty Ransomware Poised for Future Adaptations and Attacks

HelloKitty is a ransomware group operated with a great deal of human interaction which has been active since November 2020. The groups’ notoriety comes from infiltrating corporate networks, stealing data, and encrypting systems to demand ransoms to include double extortion. One of their most significant attacks was on CD Projekt Red in February 2021, where they claimed to have stolen source code for games like Cyberpunk 2077 and Witcher 3. In the summer of 2021, they expanded their targets to include the VMware ESXi virtual machine platform using a Linux variant.

Read more about Ransomware Awareness – HelloKitty Ransomware Poised for Future Adaptations and Attacks

Holiday Season Phishing Surge: USPS and National Postal Services Impersonation Alert

In recent weeks, there has been a significant increase in phishing scams specifically directed at USPS customers. One such elaborate operation involves SMS-based phishing attempts designed to trick recipients into divulging personal and financial data. These attacks utilize a fake USPS identity and mimic postal services in numerous countries worldwide.

Read more about Holiday Season Phishing Surge: USPS and National Postal Services Impersonation Alert

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 10, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Products are used across multiple sectors, please check these latest advisories for specific equipment used across your ICS environments and address accordingly.

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 10, 2023

CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments

CISA, the FBI, the National Security Agency, and the U.S. Department of the Treasury have released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS).

Read more about CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments

Supplemental Cyber Highlights – October 5, 2023

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – October 5, 2023

You are here

Cybersecurity

Threat Awareness – Phishing Campaign Leveraging LinkedIn Smart Links Returns to Siphon Microsoft Credentials

Don’t Dismiss DDoS Defense

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 12, 2023

FBI and CISA Release Update on AvosLocker Advisory

Supplemental Cyber Highlights – October 10, 2023

Ransomware Awareness – HelloKitty Ransomware Poised for Future Adaptations and Attacks

Holiday Season Phishing Surge: USPS and National Postal Services Impersonation Alert

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – October 10, 2023

CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments

Supplemental Cyber Highlights – October 5, 2023

Pages

You are here

Cybersecurity

Pages

Footer Email Signup