Security News > 2022 > November

Internet domains for the popular Z-Library online eBook repository were seized early this morning by the U.S. Department of Justice, preventing easy access to the service. These domains initially showed that the U.S. government seized the domains and switched their DNS servers to NS1.SEIZEDSERVERS.COM and NS2.SEIZEDSERVERS.COM, two DNS servers commonly used by the U.S. and law enforcement in domain seizures.

The Robin Banks phishing-as-a-service platform is back in action with infrastructure hosted by a Russian internet company that offers protection against distributed denial-of-service attacks. Robin Banks faced operational disruption in July 2022, when researchers at IronNet exposed the platform as a highly threatening phishing service targeting Citibank, Bank of America, Capital One, Wells Fargo, PNC, U.S. Bank, Santander, Lloyds Bank, and the Commonwealth Bank.

Microsoft is now blocking the Windows 11 2022 Update from being offered on some systems because of compatibility issues with the Xbox Game Bar Capture feature. "You are more likely to encounter this issue when using the 'Record last 30 seconds' feature when 'Record in the background while I'm playing game' is enabled in Xbox Game Bar," Microsoft explains in a new Windows health dashboard entry.

Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code, verify third party components, and harden the build environment. The supplier also holds a critical responsibility in ensuring the security and integrity of our software.

The Transparent Tribe threat actor has been linked to a new campaign aimed at Indian government organizations with trojanized versions of a two-factor authentication solution called Kavach. The cybersecurity company said the advanced persistent threat group has also conducted low-volume credential harvesting attacks in which rogue websites masquerading as official Indian government websites were set up to lure unwitting users into entering their passwords.

Not too long ago, there was a clear separation between the operational technology that drives the physical functions of a company - on the factory floor, for example - and the information technology that manages a company's data to enable management and planning. Back then, any data exchange between IT and OT operated via a "sneaker net." An operator would physically go to a terminal connected to the OT device, offload data covering a recent period, and carry the offloaded data to their workstation, where they would then upload it to the organization's IT system.

It's a quotation which could easily be applied to the rapid growth of cloud application and service provision, and the accompanying threats to cyber security which have expanded in parallel. If this incurs a sense of anxiety, fear not! Once identified, any cyber threat can be prevented from causing too much damage.

Attackers are abusing Microsoft Dynamics 365 Customer Voice to evade email filters and deliver phishing emails into Microsoft users' inboxes, Avanan researchers are warning. Microsoft Dynamics 365 is a suite of enterprise resource planning and customer relationship management applications.

The U.S. Cybersecurity and Infrastructure Security Agency has published three Industrial Control Systems advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's Remote Access Server, which "could allow an attacker to obtain sensitive information and compromise the vulnerable device and other connected machines," CISA said.

Following Musk's tweets, BleepingComputer observed newer phishing campaigns emerging with threat actors now targeting verified accounts. Like many phishing emails, these emails convey a false sense of urgency, urging the user to sign in to their Twitter account or risk "Suspension."