The U.S. government launched the Cyber Trust Mark as a cybersecurity label to help consumers identify smart products that meet NIST’s criteria.
Integrity Tech, a company based in Beijing, has been sanctioned by the U.S. Treasury for its role in attacks led by Chinese state-sponsored threat actor Flax Typhoon.
Attackers are exploiting neglected domains that lack DNS records to bypass security measures and trick victims into triggering the malware.
Spoofed email addresses in malspam campaigns continue to work for attackers despite safeguards like DKIM, DMARC, and SPF, which are designed to prevent the spoofing of well-known domains.
Researchers have identified how these spam campaigns use disused domains to distribute phishing emails containing QR codes to malicious sites and steal users’ information.
Chinese threat actor MirrorFace has been accused of targeting Japanese organizations and individuals via persistent attacks that started in 2019.
MirrorFace operations can be broken down into three major campaigns, and all of them have leveraged advanced TTPs.
The most recent malspam campaigns target industries like government and construction, using trusted platforms such as Canva and Dropbox to host phishing pages and launching SMS phishing schemes.
Generic top-level domains (gTLDs) like .top and .xyz account for 37% of malicious domains due to low registration fees and lax regulations.
Tools like PhishWP, a malicious WordPress plugin, are being employed to create fake payment gateways that aim to harvest sensitive user information in real time.