Tag: fake

security

SANS Stormcast Monday, March 2nd, 2026: Reversing Fake Fedex; Abusing .ARPA; MSFT Authenticator Update; Apex One Vuln; Special AirSnitch Webcast

Fake Fedex Email Delivers Donuts! https://isc.sans.edu/diary/Fake%20Fedex%20Email%20Delivers%20Donuts!/32754 Abusing .ARPA: The TLD that isn t supposed to host anything https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/ MC1179154 – Microsoft Authenticator app: Upcoming changes to jailbreak and root detection https://mc.merill.net/message/MC1179154 SECURITY BULLETIN: Apex One and Apex One (Mac) – February 2026 https://success.trendmicro.com/en-US/solution/KA-0022458 Special Webcast: AirSnitch How Worried Should You Be? https://www.sans.org/webcasts/airsnitch-how-worried-should-you-be

Mehr lesen →
security

SANS Stormcast Wednesday, February 18th, 2026: IR Phishing; Neenadu Android Backdoor; NiFi Bugs; LLMs Phishing; Encrypted RCS

Fake Incident Report Used in Phishing Campaign https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722 Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets https://securelist.com/keenadu-android-backdoor/118913/ CVE-2026-25903: Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates https://seclists.org/oss-sec/2026/q1/166 The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/ Encrypted RCS in […]

Mehr lesen →
security

SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity

Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix The latest variant of ClickFix tricks users into copy/pasting commands by displaying a fake blue screen of death. https://www.acronis.com/en/tru/posts/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix/ B2B Guest Access Creates an Unprotected Attack Vector Users may be tricked into joining an external Teams workspace as a guest, bypassing protections […]

Mehr lesen →
security

SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch

Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zoom clients (and likely other meeting software) by first sending them fake meeting invites that direct victims to a page that offers malware for download as an update to the Zoom client. https://isc.sans.edu/diary/Be%20Careful%20With%20Fake%20Zoom%20Client%20Downloads/32014 Python tarfile Vulnerability Recently, the Python tarfile module […]

Mehr lesen →