
IT Security Newsletter - 11/4/2022


Top News

Attackers leverage Microsoft Dynamics 365 to phish users

Attackers are abusing Microsoft Dynamics 365 Customer Voice to evade email filters and deliver phishing emails into Microsoft users' inboxes, Avanan researchers are warning. Microsoft Dynamics 365 is a suite of enterprise resource planning (ERP) and customer relationship management (CRM) applications. Customer Voice is one of these applications, and it's used for collecting data and feedback from customers via surveys, phone calls, etc.


Hacker Charged With Extorting Online Psychotherapy Service

A 25-year-old Finnish man has been charged with extorting a once popular and now-bankrupt online psychotherapy company and its patients. Finnish authorities rarely name suspects in an investigation, but they were willing to make an exception for Julius "Zeekill" Kivimaki, a notorious hacker who - at the tender age of 17 - had been convicted of more than 50,000 cybercrimes, including data breaches, payment fraud, operating botnets, and calling in bomb threats.

Software Updates

Splunk Patches 9 High-Severity Vulnerabilities in Enterprise Product

Splunk announced on November 2 the release of a new set of quarterly patches for Splunk Enterprise, which include fixes for nine high-severity vulnerabilities. The most severe of these security defects have a CVSS score of 8.8 and are described as remote code execution (RCE), XML external entity (XXE) injection, and reflected cross-site scripting (XSS) bugs. The RCE vulnerabilities can be exploited by authenticated attackers to execute code via the Splunk Secure Gateway app.

Cisco Patches High-Severity Bugs in Email, Identity, Web Security Products

Cisco this week announced the release of patches for multiple vulnerabilities across its product portfolio, including high-severity defects in identity, email, and web security products. The most severe of these issues is CVE-2022-20961 (CVSS score of 8.8), a cross-site request forgery (CSRF) flaw in Identity Services Engine (ISE) that could allow an unauthenticated, remote attacker to perform arbitrary actions on a vulnerable device.


Emotet botnet starts blasting malware again after 4 month break

The Emotet malware operation is again spamming malicious emails after almost a four-month "vacation" that saw little activity from the notorious cybercrime operation. Emotet is a malware infection distributed through phishing campaigns containing malicious Excel or Word documents. When users open these documents and enable macros, the Emotet DLL will be downloaded and loaded into memory.

RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam

The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. In a new campaign discovered by BlackBerry, the RomCom threat actors were found creating websites that clone official download portals for SolarWinds Network Performance Monitor (NPM), KeePass password manager, and PDF Reader Pro, essentially disguising the malware as legitimate programs.

On This Date

  • ...in 1916, American broadcast journalist Walter Cronkite, known as "the most trusted man in America", is born in Saint Joseph, MO.
  • ...in 1922, archaeologist Howard Carter's expedition finds the entrance to the tomb of the Egyptian pharaoh Tutankhamun.
  • ...in 1979, the Iran hostage crisis begins when supporters of the Ayatollah Khomeini overrun the US embassy in Tehran, taking more than 90 hostages.
  • ...in 2010, former Cincinnati Reds manager George "Sparky" Anderson, who led the team to two consecutive championships in 1975 and 1976, passes away at his home.