An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, as well as others. (The Hacker News)
“A critical vulnerability was recently uncovered in Proofpoint's email routing settings that was leveraged in a phishing campaign called "EchoSpoofing." This vulnerability enabled attackers to send millions of spoofed emails that seemed to originate from reputable brands like Disney, IBM, and Coca-Cola, utilizing Proofpoint's email relays and Virtual Private Servers. Thankfully, Proofpoint addressed the flaw in March 2024.” – Tadeh Anbarchian, SOC Analyst II at Ingalls Information Security
CrowdStrike is being sued by its shareholders after a faulty software update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world. (BBC)
The Hunters International ransomware group is targeting IT workers with a new C# remote access trojan (RAT) called SharpRhino to breach corporate networks. (BleepingComputer)
DigiCert, a major certificate authority, is to revoke thousands of SSL/TLS certificates because of a Domain Control Verification error. This could affect a lot of websites. (Cyber Security News)
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. A security services platform said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1). (The Hacker News)
Several European countries are betting on open-source software. In the United States, eh, not so much. In the latest news from across the Atlantic, Switzerland has taken a major step forward with its "Federal Law on the Use of Electronic Means for the Fulfillment of Government Tasks" (EMBAG). This groundbreaking legislation mandates releasing open-source software (OSS) of the Federal government. (ZDNet)
A recently discovered vulnerability in Microsoft’s Windows Hello for Business (WHfB) authentication system allowed attackers to bypass the supposedly phishing-resistant login method, raising concerns about the security of this widely adopted passwordless solution. (Cyber Security News)
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. (The Hacker News)
GitLab has released new Community Edition (CE) and Enterprise Edition (EE) versions to address multiple vulnerabilities. Among these, a high-severity cross-site scripting (XSS) vulnerability has garnered particular attention due to its potential to allow attackers to execute arbitrary code, (Cyber Security News)
Following three separate data breaches between 2021 and 2023 which exposed the proprietary information (PI) of TracFone Wireless customers, the Federal Communications Commission (FCC) announced that the Verizon-owned company has agreed to pay a $16 million civil penalty to settle the government investigation, and it has made an agreement to improve its application programming interface (API) security. (Malwarebytes Labs)