Security News

Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic - on top of legitimate company webpages - to lure in victims. The initial email said, the company's email system "Failed to process new messages in the inbox folder," and "Two valid email messages have been held and quarantined for deletion." It asked the target to review the messages and recover their lost mail in the inbox folder - or they will be automatically deleted after three days.

Turkish-speaking cybercriminals are sending Instagram users seemingly legitimate messages from the social media company, with the aim of stealing their Instagram and email credentials. While previous phishing messages leveraging Instagram as a lure have been sent via email, the attackers in this campaign send the phishing messages on Instagram's platform itself.

Adobe has made available in open source a tool designed to identify randomly generated strings in any plain text. Dubbed Stringlifier, the tool was written in Python and leverages machine learning to differentiate random character sequences from normal text sequences.

Trends in BEC and email security during Q2 2020 included a peaking and plateauing of COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according to an Abnormal Security report. There have been surges in COVID-19-themed email security attacks, which continued in Q2, with weekly campaign volume increasing 389% between Q1 and Q2. There has also been a continued increase in BEC attacks targeting finance department employees over C-level executives, which grew by 50% quarter-over-quarter.

Cisco informed customers on Wednesday that it has patched a critical default credentials vulnerability affecting some configurations of its ENCS 5400-W series and CSP 5000-W series appliances. The Cisco Cloud Services Platform for WAAS is a hardware platform designed for the deployment of datacenter network function virtualization, and the Cisco Enterprise Network Compute System is a hybrid platform for branch deployment and for hosting WAAS applications.

Cado Security has identified a crypto-mining worm that attempts to steal Amazon Web Services credentials belonging to the organizations whose systems it has infected. The TeamTNT worm can also scan for open Docker APIs, execute Docker images and install itself.

Auth0 launched Bot Detection, a new security feature that reduces the effectiveness of a credential stuffing attack by as much as 85%, with minimal impact on user experience. Bot Detection is a powerful addition to the company's expanding security portfolio, and works in tandem with Auth0 Breached Password Detection, Brute Force Protection, and Multi-factor Authentication, to provide extensive mitigation against a variety of sophisticated threats, including automated attacks, account takeovers, phishing attacks, and more.

Auth0 claims it can reduce the effectiveness of attacks using them by 85% with its new bot detection tool. Access control provider Auth0 has released a new set of tools that it said can reduce the effectiveness of credential stuffing attacks by 85%. The new features are lumped together in what Auth0 calls Bot Detection, and all are designed to reduce the chance that a credential stuffing attack is successful.

A malicious cryptocurrency miner and DDoS worm that has been targeting Docker systems for months now also steals Amazon Web Services credentials. The worm still scans for open Docker APIs, then spins up Docker images and install itself in a new container, but it now also searches for exploitable Kubernetes systems and files containing AWS credentials and configuration details - just in case the compromised systems run on the AWS infrastructure.

The Michigan institution announced its plan on July 28, which calls for testing coordinated by Testing Centers of America and the use of a health monitoring app called Aura Sequential Testing. "All students will utilize Aura, an app developed by Nucleus Healthcare, that organizes the College's COVID-19 testing and public health approach," Albion said in a statement.