In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers… Continue reading Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing
Author: Stephanie Adlam
I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.
American Airlines Hacked by Cl0P Gang, MOVEit Involved
American Airlines, the major airline company in the US, appears to be yet another victim of MOVEit vulnerability. Specifically, Cl0p ransomware gang hackers claim the successful attack upon the co. The post on their Darknet leak site does not disclose much, but the company is most likely already in the negotiations with hackers. What is… Continue reading American Airlines Hacked by Cl0P Gang, MOVEit Involved
Trojan:Win32/Randet.A!plock – What is That Detection?
Windows Defender’s mass detections of Trojan:Win32/Randet.A!plock worries people. Are the user files complained about by Defender malicious? Trojan:Win32/Randet.A!plock Microsoft Defender Detection Recently, users have been actively discussing on thematic forums on the network about Windows Defender triggering on files that, according to the Defender, are Trojan:Win32/Randet.A!plock. According to users, the detected file may be a… Continue reading Trojan:Win32/Randet.A!plock – What is That Detection?
Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
On July 11, 2023, Microsoft published an article about addressing the CVE-2023-36884 vulnerability. This breach allowed for remote code execution in Office and Windows HTML. Microsoft has acknowledged a targeted attack that exploits a vulnerability using specifically designed Microsoft Office documents. The attacker can gain control of a victim’s computer by creating a malicious Office… Continue reading Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
What is Cyber Risk Exposure and How Can You Manage It?
Modern businesses face cybersecurity threats daily. While most are effectively neutralized, a successful attack can lead to unpleasant consequences. Therefore, it is crucial for organizations to clearly understand their vulnerability to cyber risks and how they can accurately assess this risk. This article will explore the quantitative assessment of cyber threats, their benefits, and how… Continue reading What is Cyber Risk Exposure and How Can You Manage It?
Amazon Prime Day Scams and Fake Amazon Websites
It’s not uncommon for scammers to target online shoppers, often by pretending to be companies like Amazon. However, these phishing attempts tend to increase during major sales events like Black Friday or Prime Day. These events represent a significant moment for retailers, but unfortunately, also an opportunity for scammers, con artists, and unethical businesses to… Continue reading Amazon Prime Day Scams and Fake Amazon Websites
Hot and Cold Crypto Wallets Hacking
Cryptocurrency is a rapidly changing world where people can make fortunes by exchanging digital assets. However, seasoned investors and newcomers alike are at risk of falling prey to crypto phishing scams. These scams exploit people’s trust and vulnerability and aim to trick them into revealing sensitive information or giving up their hard-earned crypto holdings. What… Continue reading Hot and Cold Crypto Wallets Hacking
Forged Driver Signatures Exploited In The Wild
Hackers actively use driver signature spoofing, which originates from a loophole in Windows kernel-mode drivers handling mechanism. They heavily bear on open-source utilities that were primarily designed for temporal circumvention of drivers signing, which is a far too big delay when it comes to evaluations. Cybercriminals though do not do any tests, and do hit… Continue reading Forged Driver Signatures Exploited In The Wild
Legion Stealer targeting PUBG players
Scammers are using a misleading GitHub page to distribute Legion Stealer to fans of rogue PUBG games. Under the guise of cheats, users download malware. Legion Stealer Attacks PUBG Players Cyble Research and Intelligence Labs (CRIL) recently uncovered a fraudulent GitHub page pretending to be a PUBG bypass hack project. However, instead of providing game… Continue reading Legion Stealer targeting PUBG players
Bed Bath & Beyond Shopping Scams
In late April, 2023, American home goods retailer Bed Bath & Beyond filed for bankruptcy protection under Chapter 11. This event was expected, due to the company’s poor performance over the last quarter before the bankruptcy. Though, not only short sellers decided to make profit on this: online scammers decided to fool people, appealing to… Continue reading Bed Bath & Beyond Shopping Scams