6 matches found
UNC6692 Impersonates IT Help Desk via Microsoft Teams to Deploy SNOW Malware
A previously undocumented threat activity cluster known as UNC6692 has been observed leveraging social engineering tactics via Microsoft Teams to deploy a custom malware suite on compromised hosts. "As with many other intrusions in recent years, UNC6692 relied heavily on impersonating IT help des...
Analyzing and remediating a malware infested T95 TV box from Amazon
A couple of weeks ago, security news outlets made their rounds reporting on an Android TV box available on Amazon that came pre-installed with malware. The findings came from a Canadian developer, Daniel Milisic, who posted on his GitHub. What Daniel found was an Android T95 TV box infected with...
How to Create a Simulated Phishing Attack Across Your Company
Email is one of the many weapons at the disposal of bad actors on the Internet, and your employees are in the firing line. Attackers try to hide behind a trusted entity, sometimes even masquerading as a known vendor or even as a representative of a group within your own organization, like HR or I...
Zoho ManageEngine ServiceDesk Plus Authentication Bypass Vulnerability
Zoho ManageEngine ServiceDesk Plus SDP is a web-based IT helpdesk software with integrated asset and project management capabilities, based on the ITIL framework. An authentication bypass vulnerability exists in Zoho ManageEngine ServiceDesk Plus prior to version 11134 during SAML login. No detai...
Using the Manager Attribute in Active Directory (AD) for Password Resets
Creating workflows around verifying password resets can be challenging for organizations, especially since many have shifted work due to the COVID-19 global pandemic. With the numbers of cyberattacks against businesses exploding and compromised credentials often being the culprit, companies have ...
Google Docs Phishing Campaign
US-CERT is aware of a phishing campaign that affected Google Docs users. The campaign used spoofed email addresses to target users with emails purporting to share a document for collaboration. Once the targeted users accepted invitations, they were encouraged to allow the phishing program access ...