OAuth application abuse used to gain Exchange Online access

Microsoft researchers recently found a new type of attack. Hackers compromise Exchange Online access with malicious OAuth applications and then use it to change your email settings and spread spam.

OAuth applications are growing in popularity. One of the first malicious uses of OAuth applications is consent phishing. Consent phishing is a particularly sly form of phishing attack that aims to trick users into granting permission to malicious apps so that they can gain access to cloud services such as email, file storage, and management APIs.

The attacker then gains access to the server by using a technique called credential stuffing, which is basically taking passwords from a compromised database and trying them. This is possible because the target OAuth authentication was bypassed. And they had administrator roles, so they could do everything on the site.

A diagram of the attack chain. It presents the flow of activity from left to right, starting with the attacker gaining access to its target tenant and leading to spam messages being sent to targets.

Figure 1. Overview of the attack chain. The time between application deployment and usage …


How To Create An IT Hurricane Preparedness Plan

Looking to safeguard your IT infrastructure against hurricanes? Learn how to create an IT Hurricane Preparedness Plan that ensures business continuity and data protection.

Introduction

A disaster plan is essential for businesses in the South. A hurricane preparedness plan is just as essential for digital and electronic assets. In this blog post, we answer common questions about creating a digital disaster recovery plan. These include: What does it look like? Should I have one? How often should I update it? And so on. It applies to natural disasters such as hurricanes, but it can also be applied to other types of disasters.

Importance of IT Hurricane Preparedness

Ignoring the need for an IT Hurricane Preparedness Plan is like playing Russian roulette with your business. According to the Federal Emergency Management Agency (FEMA), nearly 40% of small businesses never reopen after a disaster. The modern business landscape relies heavily on data …


Hackers Pivoting Around Macro Blocking in Microsoft Office

Microsoft’s default blocking of macros in its Office suite is not stopping hackers. They are now using alternative files to host malicious payloads, now that their primary method of threat delivery is being cut off.

The use of macro-enabled attachments by threat actors has decreased dramatically in the past year, according to new data from Proofpoint revealed in a blog post Thursday. The decrease began when Microsoft announced it would block XL4 macros by default for Excel users. This was followed by the blocking of VBA macros by default across the Office suite this year.

As Microsoft continues to improve its Office suite security, hackers are increasingly resorting to other file types as vessels for malware, Trend Micro researchers said. Specifically, the company is seeing an increase in the use of “container files” such as ISO and RAR attachments as well as Windows Shortcut (LNK) files.

In the …


Ransomware attacks on retail increase

Sophos surveyed more than 300 retailers in 2021, and it found that 300 of them had been hit with ransomware attacks.

A new study from Sophos found that retail businesses are increasingly being targeted by ransomware. Sophos, a leader in cybersecurity, interviewed IT workers at mid-sized organizations in the retail sector to find out about their experiences with ransomware.

77% of respondents were hit with ransomware in 2021, a 75% increase compared to 2020. That number is pretty bad. The average ransom payment grew from $147,811 in 2020 to $226,044 in 2021.

Chester Wisniewski, a scientist who works for a company that makes anti-virus software, discovered that about half of businesses who are attacked with ransomware think the volume and complexity of ransomware has stayed the same. He said that what surprised him most was that 77% of businesses had been attacked by ransomware.

Chester stated:

UniFi Tutorials

UDM PRO VPN On ATT Fiber BGW320

In this tutorial you will learn how to configure your ATT Fiber BGW320 to allow UniFi UDM PRO VPN connections through the ATT Fiber WAN IP Address.

Task Details

  1. Log into your ATT Fiber BGW320.
  2. ATT Fiber BGW320 Configuration.
  3. Verify UDM PRO WAN Address.

Task 1: Log Into your ATT Fiber BGW320

1. Enter the IP address of your ATT Fiber BGW320
2. Click on Home Network > Configure. Afterwards you will be prompted for your Device Access Code.

Task 2: ATT Fiber BGW320 Configuration

1. Once logged in, we will change the ATT Fiber modem’s default subnet to something random so there won’t be any issues with the subnets you create on your UniFi UDM Pro.

2. Click Home Network > Subnets & DHCP

3. From here I will change the Subnet to 15.15.15.0 and give it a small DHCP scope. The only device that needs to be …


What Is A USB Rubber Ducky?

USB Rubber Ducky is a USB device that looks like a flash drive. It can be used to hack into systems, steal data and inject malicious code into computers. The most important thing to remember about this device is that it can’t be detected by any anti-virus or firewall because it’s an HID device.

What is a HID device?

Human Interface Devices (HID) is a device class definition to replace PS/2-style connectors with a generic USB driver to support HID devices such as keyboards, mice, game controllers, and so on. Prior to HID, devices could only utilize strictly-defined protocols for mice and keyboards. Hardware innovation required either overloading data in an existing protocol or creating non-standard hardware with its own specialized driver. HID provided support for these “boot mode” devices while adding support for hardware innovation through extensible, standardized and easily-programmable interfaces.

HID devices today include a broad range of


Tips on Cybersecurity Awareness and Training

Empower your employees and protect your organization with expert tips on cybersecurity awareness and training. Stay one step ahead of cyber threats.

Introduction

In today’s digital landscape, where cyber threats are becoming increasingly sophisticated, cybersecurity and information security have become critical concerns for individuals and organizations alike. No longer limited to big corporations, everyone is now a potential target for cyber attacks. It is essential to exercise caution with personal information and devices. To combat this growing threat, user training plays a pivotal role in information security. By ensuring that employees are well-informed and equipped with the necessary skills, they can actively contribute to protecting both themselves and the company.

The Importance of User Training and Awareness

Understanding the Difference: Training vs. Awareness

Training and awareness are two terms often used interchangeably in the context of information security. However, it is crucial to understand the distinction between them. Training aims …


The most impersonated brand in phishing attacks: Microsoft

Discover why Microsoft is the most impersonated brand in phishing attacks. Learn about the rise and fall of phishing incidents, industries targeted, and how to protect yourself.

Introduction

Phishing attacks have become increasingly prevalent in today’s digital landscape, with cybercriminals constantly devising new ways to exploit unsuspecting individuals and organizations. In the realm of phishing attacks, Microsoft stands out as the most impersonated brand, making it a top target for cybercriminals. In this article, we delve into the world of phishing attacks, exploring the reasons behind Microsoft’s popularity among cybercriminals, the rise and fall of phishing attacks over time, the industries most affected, and the implications of these attacks on both individuals and businesses.

Why is Microsoft the Most Popular Brand for Phishing Attacks?

Microsoft’s dominance in the realm of phishing attacks can be attributed to several factors. Firstly, Microsoft 365 has gained significant traction among small and medium-sized businesses, …


Under Attack: Ransomware’s Unyielding Assault on Android Devices

Android devices face an unyielding assault as ransomware attacks surge. Discover the alarming rise and strategies to defend against this digital menace.

Introduction

Ransomware is a growing problem for mobile users. It has already been causing financial and data losses for many years, but it has now made its way to the Android platform. The new growing threat to Android device users is ransomware. This type of software locks the screen and encrypts files on your Android device.

Ransomware is a type of malware that has been plaguing the Android world recently. It’s been growing in popularity and has been implemented on many phones. Ransomware is similar to regular desktop malware. The same techniques that have proven to be successful on computers are being used on mobile devices. Police lock-screens are popular on both Windows and Android. These programs falsely accuse victims of illegal activity, then demand a payment to …


What Are Web App Based Attacks?

Web-based applications give us the ability to shop, email, bank, learn, and socialize. These applications can be used for shopping, communicating, and so much more. They’re a great way for businesses and consumers to connect.

With the rise in popularity of apps, businesses now have a much larger attack surface. The average large business has 946 custom apps deployed and another 193 that are in development. The internet is the platform of today. Web-based apps are everywhere: your phone, your computer, and even on smart devices. Unfortunately, we all know that most people don’t update their software often enough. Cyber attackers are targeting apps for sensitive data. Attackers can gain access to your personal information and sell it online for illicit gains. These apps contain sensitive records, such as financial information, medical data, and other personal information that could be sold online.

Most common web app based attacks

Attackers have …
