Midnight Blizzard, Cult of the Dead Cow, Five Eyes, Aaran Leyland, and More News – SWN #315
Midnight Blizzard, Citrix, Bloodhound, Five Eyes, Canon, Cult of the Dead Cow, AI Shopping, Aaran Leyland, and More on this edition of the Security Weekly News.
Doug White
- Microsoft Catches Russian Government Hackers Phishing with Teams Chat App
- SpecterOps Updates BloodHound Active Directory Mapping Tool
- Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
- Old vulnerabilities, major vendors dominate list of most-exploited flaws of 2022
- Wi-Fi vulnerability in Canon inkjet printers may expose user information
- Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
- Hacking group plans system to encrypt social media and other apps
- Japanese supermarket watches you shop, AI suggests stuff
Aaran Leyland
- Hackers exploited Salesforce zero-day in Facebook phishing attack By Bill Toulas
A new, unpatched exploit that involves a sophisticated email phishing campaign has been discovered by security researchers at Guardio Labs.
The targets are Salesforce Inc. customers, and the threat involves spoofing the company’s email servers and domain names. The process of finding and fixing the issue reveals a lot about how security teams can work together to fight phishing.
Called PhishForce, the attack is quite clever, designed to avoid detection by both Salesforce and Meta Platforms Inc.’s Facebook. It uses an old technique: sending malicious emails and hiding them inside ordinarily trusted mail gateways so that the emails won’t be challenged by protective shields. The researchers found a single questionable email message, as shown in the screen capture below, that triggered their investigation.
