Attacks

After hacking well-known tech businesses worldwide — including Microsoft, Nvidia, Samsung, Ubisoft, Okta, Vodafone, and Mercado — the Lapsus$ gang has made news this year. In addition, seven people from the UK were detained by the City of London Police in late March on suspicion of connection to the Lapsus$ group. On April 2nd, two of them were accused of helping the Lapsus$ extortion group. Following their appearance before the Highbury Corner Magistrates Court, they…

Read More

Individuals that were potentially affected have an increased likelihood of becoming targets of phishing attempts. iDealwine has advised their customers to not respond to emails or open their attachments if they are unfamiliar of the source. Customers can reach out to iDealwine if they have any issues, and they claim their team will assist. Although passwords were encrypted, a good precautionary step would be to change those passwords, and make sure passwords aren’t reused on…

Read More

As time progresses, supply chain attacks are growing to become a popular attack vector among threat actors across the world. Fortunately, it seems that this vulnerability was not exploited in the wild in the seven months that it remained unpatched, but this will likely change. The problem with supply chain attacks is that in many instances, there are limited ways to detect them until they are more broadly known. It is recommended to have a…

Read More

SIM swapping attacks have gained popularity and are very useful to threat actors that already have breached credentials but get stopped from accessing accounts via Multi-Factor Authentication (MFA). MFA is always a recommended tool to add another layer of defense to credential theft, but it is typically recommended that MFA is provided through a trusted third-party application and never through a phone number. SIM swapping attacks are great example of why it is dangerous to…

Read More

MotW is an essential security mechanism, especially when it comes to malicious Microsoft Office documents that contain macros. By default, Office will only block macros in files that contain the MotW, allowing threat actors to abuse this flaw to smuggle in malicious macros with no warning to users. It is recommended to disable macros via Group Policy until Microsoft releases an official patch for the MotW flaw. https://www.bleepingcomputer.com/news/microsoft/windows-mark-of-the-web-bypass-zero-day-gets-unofficial-patch/

Read More