News

It’s one thing for employees to receive a phishing email that is purposefully crafted or spoofed to look like a genuine online communication. But when happens when people receive an actual, legitimate email that accidentally looks like a phishing scam? Source: SC Magazine

Two critical security vulnerabilities discovered in Oracle's E-Business Suite (EBS) could allow potential attackers to take full control over a company's entire enterprise resource planning (ERP) solution. Source: Bleeping Computer

Cybercriminals attempted to install Cyborg ransomware on target machines by deceiving victims with a fraudulent Windows update. Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update! These are the two subject lines of fraudulent emails disguised to appear as Windows Update notifications while containing malicious attachments to infect targets with Cyborg ransomware. While the threat is not effective, experts warn its public builder can be used to create variants. Source: Dark Reading

A new spam campaign pretending to be a 'Critical Microsoft Windows Update' has been discovered that attempts to deliver the Cyborg Ransomware, but turns out to be an utter failure. Source: Bleeping Computer

A vulnerability in the Google Camera Application left millions of Google and Samsung smartphones open to being potentially abused potentially letting a malicious actor to take photos, download images and video and listen in to phone calls. Source: SC Magazine

Researchers exploring Windows Hello for Business found an Active Directory backdoor and other attack vectors that could lead to privilege escalation. Researchers investigating Microsoft's Windows Hello for Business have discovered new attack vectors, including a persistent Active Directory backdoor that they say current security tools don't detect. Source: Dark Reading

Attackers are reportedly targeting an NGINX/php-fpm vulnerability to infect users of the NextCloud file sync and share service with a recently discovered ransomware called NextCry. Infecting a NextCloud instance is doubly damaging to victims because the affected service begins replacing files stored on their synced-up machines with the newly encrypted versions. Source: SC Magazine

The credentials, priced from free to $11 per account, appear to be due to victims' re-use of logins and passwords. That didn't take long: stolen user accounts for the new Disney+ streaming service began appearing on Dark Web sites just hours after it went live on November 12. Source: Dark Reading

Macy's has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer's payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections of the web site. These scripts then steal payment information that is submitted by a customer. Source: Bleeping Computer

The state government of Louisiana was hit by a ransomware attack today that impacted numerous state services including the Office of Motor Vehicles, the Department of Health, and the Department of Transportion and Development. The attack was first reported at 11am, after there was a forced shutdown of numerous web sites operated by the state as well as email and Internet services. Source: Bleeping Computer