Beware Phishing Attacks with Open Redirect Links | #emailsecurity | #phishing | #ransomware | #cybersecurity | #infosecurity | #hacker | National Cyber Security

Beware Phishing Attacks with Open Redirect Links | #emailsecurity | #phishing | #ransomware | #cybersecurity | #infosecurity | #hacker | National Cyber Security

Ongoing Campaign Also Uses Malicious CAPTCHA Verification PageMihir Bagwe •August 30, 2021     Phishing email using a Zoom meeting subject line (Source: Microsoft) Microsoft is warning of a “widespread” phishing campaign in which fraudsters use open redirect links to lure users to malicious websites to harvest Office 365 and other credentials, according to a…

Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices

Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices

Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices | IT Security News 1. September 2021 This article has been indexed from The Hacker News Cybersecurity researchers on Tuesday disclosed details about a zero-click security vulnerability in Linphone Session Initiation Protocol (SIP) stack that could be remotely exploited without any action from a…

Vulnerability Allows Remote DoS Attacks Against Apps Using Linphone SIP Stack

Vulnerability Allows Remote DoS Attacks Against Apps Using Linphone SIP Stack

A serious vulnerability affecting the Linphone Session Initiation Protocol (SIP) client suite can allow malicious actors to remotely crash applications, industrial cybersecurity firm Claroty warned on Tuesday. SIP is a signaling protocol designed for initiating, maintaining and terminating communication sessions. The protocol is often used for voice, video, instant messaging, and other types of applications….

Agencies warn of ransomware threats ahead of Labor Day weekend

Agencies warn of ransomware threats ahead of Labor Day weekend

Federal agencies are warning of potential ransomware attacks targeted at U.S. organizations ahead of Labor Day weekend following cyberattacks during previous holidays this year.  The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued an alert outlining their concerns, noting that while there was no intelligence around specific threats, other holiday weekends…

Vulnerability Allows Remote DoS Attacks Against Apps Using Linphone SIP Stack

Vulnerability Allows Remote DoS Attacks Against Apps Using Linphone SIP Stack

A serious vulnerability affecting the Linphone Session Initiation Protocol (SIP) client suite can allow malicious actors to remotely crash applications, industrial cybersecurity firm Claroty warned on Tuesday. SIP is a signaling protocol designed for initiating, maintaining and terminating communication sessions. The protocol is often used for voice, video, instant messaging, and other types of applications….

Federal Departments Ordered to Improve Logging Capabilities

Federal Departments Ordered to Improve Logging Capabilities

Governance & Risk Management , Government , Incident & Breach Response OMB Memo Describes Steps Agencies Must Take to Report Cyber Incidents Scott Ferguson (Ferguson_Writes) • August 31, 2021     Acting OMB Director Shalanda Young (Photo: U.S. Senate Banking Committee) The White House is ordering U.S. agencies to improve their logging capabilities to better…

SEC Sanctions Several Companies Over Email Account Hacking

SEC Sanctions Several Companies Over Email Account Hacking

The U.S. Securities and Exchange Commission (SEC) this week announced sanctions against several companies over cybersecurity failures that resulted in email accounts getting hacked and the exposure of customer information. A total of eight entities belonging to three companies have been sanctioned by the SEC, including Cetera (Advisor Networks, Investment Services, Financial Specialists, Advisors, and…

SEC Sanctions 8 Firms for ‘Deficient Cybersecurity Procedures’

SEC Sanctions 8 Firms for ‘Deficient Cybersecurity Procedures’

Finance & Banking , Industry Specific , Security Operations Regulator Cites Email Takeovers, Inadequate Incident Response Dan Gunderman (dangun127) • September 1, 2021     (Photo: Securities and Exchange Commission via Flickr) The U.S. Securities and Exchange Commission sanctioned eight financial firms for alleged failures related to cybersecurity policies and procedures, each stemming from email…