Security News

Researchers working for a French government agency have identified seven new Bluetooth vulnerabilities that could expose many devices to impersonation and other types of attacks. The flaws, discovered by researchers at France's national cybersecurity agency ANSSI, affect devices that support the Bluetooth Core and Mesh specifications, which define technical and policy requirements for devices operating over Bluetooth connections.

Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. During a seven-day window in February 2021, out of a total of 3,000 monitored organizations, Proofpoint reports that a whopping 98 percent were hit with a form of assault leveraging compromised supplier accounts and supplier impersonation.

Microsoft will make it easier for Defender for Office 365 customers to identify users and domains targeted in impersonation-based phishing attacks as recently revealed on the Microsoft 365 roadmap. Defender for Office 365 protects the emails of Office 365 enterprise accounts from various threats including but not limited to credential phishing and business email compromise.

The Better Business Bureau warned last week that the attack uses Zoom's logo, and in a message tells recipients that their Zoom accounts were suspended and to click a link to reactivate; or that they missed a Zoom meeting, and to click a link to see the details and reschedule. Another recent variant of the attack has been a message welcoming some recipients to the platform and requesting they click on a link to activate the account, said the BBB. In all cases, victims are taken to a phishing landing page, where they are asked to input their Zoom credentials.

In this article, I will focus on email impersonation attacks, outline why they are dangerous, and provide some tips to help individuals and organizations reduce their risk exposure to impersonation attacks. We can all follow some security hygiene best practices to reduce the risk of email impersonation attacks.

Trends in BEC and email security during Q2 2020 included a peaking and plateauing of COVID-19-themed email attacks, an increase in BEC attack volume and acceleration of payment and invoice fraud, according to an Abnormal Security report. There have been surges in COVID-19-themed email security attacks, which continued in Q2, with weekly campaign volume increasing 389% between Q1 and Q2. There has also been a continued increase in BEC attacks targeting finance department employees over C-level executives, which grew by 50% quarter-over-quarter.

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. The bugs allow Bluetooth Impersonation Attacks on everything from internet of things gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne in Switzerland.

Two separate attacks have targeted as many as 50,000 different Teams users, according to findings from Abnormal Security. If recipients click the link, they'll be presented with a button asking them to log in to Microsoft Teams - if that button is clicked, they're taken to a malicious page which impersonates the Microsoft Office login page in order to steal their credentials.

Setting out to find out, the researcher turned to the main domain registrars - GoDaddy, Namecheap and even Google Domains - to first see if he could snag appropriate URLs. "The great thing about using a proxy is that my domain's links previews, in every single platform, fetches Google Translate's exact description while pointing to my link," the researcher explained.

Researchers have found a way to impersonate mobile devices on 4G and 5G mobile networks, and are calling on operators and standards bodies to fix the flaw that caused it. Research into the vulnerability, conducted by academics at Ruhr Universität Bochum and New York University Abu Dhabi, is called Impersonation Attacks in 4G Networks, although deployment requirements for 5G networks mean that it could work on those newer systems too.