
Study to become a CompTIA security infrastructure expert
2021-09-22 13:57

IT system administrators who have just started focusing on security and would love nothing better than moving up into the highly paid field of cybersecurity would do well to take a look at The CompTIA Security Infrastructure Expert Bundle. Even with just about two years of experience, you should have no problem with CompTIA Security+.

Phishing-as-a-service operation uses double theft to boost profits
2021-09-22 13:43

Microsoft says BulletProofLink, a large-scale phishing-as-a-service operation it spotted while investigating recent phishing attacks, is the driving force behind many phishing campaigns that have targeted many corporate organizations lately. "With over 100 available phishing templates that mimic known brands and services, the BulletProofLink operation is responsible for many of the phishing campaigns that impact enterprises today."

Microsoft Exchange Autodiscover protocol found leaking hundreds of thousands of credentials
2021-09-22 13:00

A flaw in Microsoft's Autodiscover protocol, used to configure Exchange clients like Outlook, can cause user credentials to leak to miscreants in certain circumstances. If the client doesn't receive any response from these URLs - which would happen if Exchange was improperly configured or was somehow prevented from accessing the designated resources - the Autodiscover protocol tries a "Back-off" algorithm that uses Autodiscover with a TLD as a hostname.

Microsoft Exchange Autodiscover bugs leak 100K Windows credentials
2021-09-22 13:00

Bugs in the implementation of Microsoft Exchange's Autodiscover feature have leaked approximately 100,000 login names and passwords for Windows domains worldwide. In a new report by Amit Serper, Guardicore's AVP of Security Research, the researcher reveals how the incorrect implementation of the Autodiscover protocol, rather than a bug in Microsoft Exchange, is causing Windows credentials to be sent to third-party untrusted websites.

RaidForums data marketplace accidentally exposes private staff page
2021-09-22 12:05

Underground marketplace and hacker forum RaidForums recently exposed internal pages from its website that were meant for staff members only. RaidForums is a data breach marketplace where threat actors often sell or leak illicitly obtained data dumps.

A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)
2021-09-22 10:53

Apache OpenOffice, one of the most popular open-source office productivity software suites, sports an RCE vulnerability that could be triggered via a specially crafted document. CVE-2021-33035 was discovered by researcher Eugene Lim via fuzzing and source code review of Apache OpenOffice.

Creepy data collection and sharing remain common on popular apps
2021-09-22 10:09

In a recent Mozilla review of the privacy features of 21 popular video call apps, only two were singled out for outstanding features. Says Jen Caltrider, research lead at Mozilla: "Video call apps are now a routine part of millions of people's lives. And even when the pandemic recedes, that won't change. In this new world, people deserve to know if the apps they're using every day respect their privacy - or if they're snooping on them."

Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)
2021-09-22 09:33

VMware has fixed 19 vulnerabilities affecting VMware vCenter Server and VMware Cloud Foundation, the most critical of which is CVE-2021-22005. "This vulnerability can be used by anyone who can reach vCenter Server over the network to gain access, regardless of the configuration settings of vCenter Server," the company noted.

How to protect the corporate network from spyware
2021-09-22 06:00

Nowadays, how does one separate employees' smartphones from the corporate network when they are used for multi-factor authentication and reading work emails? The boundary between internal and external networks has become blurry. There is a range of security policies for dealing with users' smartphones, from the most restrictive approach - no smartphone access allowed - to an open approach that allows personal phones to connect to the internal corporate network.

Leveraging AI and automation to identify sensitive data at scale
2021-09-22 05:30

In this interview with Help Net Security, Apoorv Agarwal, CEO at Text IQ, talks about the risk of unstructured data for organizations and the opportunity to leverage AI and automation to identify sensitive data at scale. Ideally, organizations should have a handle on where sensitive information is sitting in their data.