Monthly Archives: October 2020


Phishing for Microsoft Teams Credentials

Phishing continues to be a pain in everyone’s rear end. This particular Phishing scam aims to rob you from your Microsoft Teams Credentials. 

Since Microsoft Teams has become a favorable communication tool throughout the world of course hackers are now aiming to phish you into giving them your login information.

Abnormal Security said “Because Microsoft Teams is an instant messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification.”

What to look for

  1. The attack impersonates an automated message from what you think would be from Microsoft Teams.

  2. The from field would state “Theres new activity in teams”. 
  3. The message from the teammate would craft a message with a sense of urgency.
  4. The email will have clickable URL’s and Buttons that direct you to a fake Office365
Read the rest

Cyber-Response Ethical Guidelines is a must read.

Now this was an interesting read from the website ethicsFIRST. They guide you through 12 ethical duties which are listed and explained. Of course some of it seems to be a little on the nose and why did you not ethically choose this path to begin with? Regardless these steps are great for people that seen to lack a cyber security ethics plan and path and could bring some confidence to your teams decision making. 

The guidelines were launched on Oct. 21, Global Ethics Day, by FIRST.

For more, read here.

Read the rest

Mobile Users Falling Victims To URL Spoofing

Yikes, aren’t there enough mobile vulnerabilities already? Now we have to tend to URL Spoofing and determining if the website is real or not?

A Rapid7 researcher named Tod Beardsley, which disclosed the vulnerability, said this flaw, is an instance of CWE-451 from the Common Weakness Enumeration. It is cause for concern because these victims on mobile devices can’t tell the difference between a real site and the fake site victims land on.

In its most common cases a user would get lured to click on a link from a social media site, or receive a text on their mobile device with a link that would take them to the fraudulent site. In just about every instance, once the user clicks, he’s asked to give up something, whether it’s credentials or credit card information.

“I can’t really tell the difference,” Beardsley said. “The mobile address bar is so small that

Read the rest

Stay Informed

Receive instant notifications when new content is released.