MFA Bypass, Ukraine attack, NSO Group & QR Code  

 

Cybersecurity News

CyberHub Podcast

January 19th, 2022

 

Today's Headlines and the latest #cybernews from the desk of the #CISO:

Office 365 phishing attack impersonates the US Department of Labor

Multi-Factor Authentication Bypass Led to Box Account Takeover

New White Rabbit ransomware linked to FIN8 hacking group

Ukraine Attacks Involved Exploitation of Log4j, October CMS Vulnerabilities

NSO Group “Pegasus” used against Israeli citizens by Police

Crooks are using fake QR codes

 

Story Links:

https://www.bleepingcomputer.com/news/security/office-365-phishing-attack-impersonates-the-us-department-of-labor/ (https://www.bleepingcomputer.com/news/security/office-365-phishing-attack-impersonates-the-us-department-of-labor/)

https://www.securityweek.com/multi-factor-authentication-bypass-led-box-account-takeover (https://www.securityweek.com/multi-factor-authentication-bypass-led-box-account-takeover)

https://www.bleepingcomputer.com/news/security/new-white-rabbit-ransomware-linked-to-fin8-hacking-group/ (https://www.bleepingcomputer.com/news/security/new-white-rabbit-ransomware-linked-to-fin8-hacking-group/)

https://www.securityweek.com/ukraine-attacks-involved-exploitation-log4j-october-cms-vulnerabilities (https://www.securityweek.com/ukraine-attacks-involved-exploitation-log4j-october-cms-vulnerabilities)

https://www.timesofisrael.com/comptroller-to-probe-spyware-use-on-citizens-as-outraged-lawmakers-demand-inquiry/ (https://www.timesofisrael.com/comptroller-to-probe-spyware-use-on-citizens-as-outraged-lawmakers-demand-inquiry/)

https://www.zdnet.com/article/fbi-warning-crooks-are-using-fake-qr-codes-to-steal-your-passwords-and-money/ (https://www.zdnet.com/article/fbi-warning-crooks-are-using-fake-qr-codes-to-steal-your-passwords-and-money/)

 

“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine (https://jamesazar.substack.com/p/the-microsoft-doctrine)

 

The Practitioner Brief is sponsored by:

KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub (https://info.knowbe4.com/phishing-security-test-cyberhub) 

******

Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Digital Debate, and Other Side of Cyber

James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ (https://www.linkedin.com/in/james-azar-a1655316/)

Telegram: CyberHub Podcast

******

Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=http%3A%2F%2Fbit.ly%2Fcyberhubengage-newsletter)

******

Website: https://www.cyberhubpodcast.com (https://www.youtube.com/redirect?v=64OtAZsDEeo&event=video_description&redir_token=7clfSb1AyXDXZa4GVIPiUJ3h9LB8MTU5MDU5MjczOUAxNTkwNTA2MzM5&q=https%3A%2F%2Fwww.cyberhubpodcast.com)

Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw (https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw)

Facebook: https://www.facebook.com/CyberHubpodcast/ (https://www.facebook.com/CyberHubpodcast/)

Linkedin: https://www.linkedin.com/company/cyberhubpodcast/

Twitter: https://twitter.com/cyberhubpodcast (http://www.twitter.com/cyberhubpodcast)

Instagram: https://www.instagram.com/cyberhubpodcast

Listen here: https://linktr.ee/cyberhubpodcast (https://linktr.ee/cyberhubpodcast)

 

The Hub of the Infosec Community.

Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.