Security daily (11-03-2021)

051| Looking at Phishing Through the Intrusion Kill Chain

Phishing is the number one vector leading to data breaches. It's an easy, effective way for attackers to trick users into giving up credentials or running malicious code. While organizations cannot stop motivated attackers from trying to phish their employees, they can make it harder to succeed. F-Secure's director of consulting, Riaan Naudé, calls this building the path of most resistance. Riaan joins the show to talk about how companies can do just that by addressing the earlier stages of the intrusion kill chain. Also in this episode: The most important metric of phishing simulation, why feedback is important, and the phishing emails users fall for. Links: Episode 51 transcript Ebook - Combating Phishing: Building the Path of Most Resistance (Cyber Security Sauna)

How confidential are your calls? This iPhone app shared them with everyone

Caveat utilitor! Caveat emptor! Caveat programmator! (Naked Security)

S3 Ep23: Hafnium happenings, I see you, and Pythonic poison [Podcast]

New episode - listen now! (And find out what HAFNIUM really stands for.) (Naked Security)

F5, CISA Warn Of Critical BIG-IP And BIG-IQ RCE Bugs

(News ≈ Packet Storm)

This Trojan Malware Is Now Your Biggest Security Headache

(News ≈ Packet Storm)

Vexing Mystery Surrounds 0-Day Attacks On Exchange Servers

(News ≈ Packet Storm)

Bounty Hunter Hackers Earn $40m Thanks To Pandemic

(News ≈ Packet Storm)

Ransomware Attack Strikes Spain’s Employment Agency

Reports say that the agency in charge of managing Spain's unemployment benefits has been hit by the Ryuk ransomware. (Threatpost)

TrickBot Takes Over, After Cops Kneecap Emotet

TrickBot rises to top threat in February, overtaking Emotet in Check Point’s new index. (Threatpost)

NanoCore RAT Scurries Past Email Defenses with .ZIPX Tactic

A spam campaign hides a malicious executable behind file archive extensions. (Threatpost)

Microsoft Exchange Servers Face APT Attack Tsunami

At least 10 nation-state-backed groups are using the ProxyLogon exploit chain to compromise email servers, as compromises mount. (Threatpost)


/security-daily/ 12-03-2021 23:44:24