The hybrid working model is the new norm due to its effectiveness and the productivity it offers. However, it does pose significant drawbacks to an organization's network security, making it vulnerable to several cyber-attacks such as credential harvesting.

mr.d0x, a security researcher who previously released phishing tactics such as browser-in-the-browser (BitB) and utilized NoVNC to circumvent two-factor authentication (2FA), has released a new phishing attack method that exploits WebView2 applications to steal cookies and credentials. The code base utilizes a modified version of Microsoft’s WebView2 Samples repository. Microsoft has developed a new module called “Microsoft Edge WebView2 control”.

A $10 million reward is being offered for information leading to the identification or location of malicious hackers working with North Korea to launch cyber attacks on US critical infrastructure. The offer comes from the US State Department which is understandably eager to disrupt the activities of hacking gangs linked to foreign governments who may have engaged in espionage, cryptocurrency theft, and other malicious activities.

Cybercrime has become more prevalent since the start of the COVID-19 pandemic. Indeed, 81% of organizations worldwide experienced an uptick in cyber threats and 79% suffered downtime due to cyberattacks during peak season, according to a 2021 report by McAfee Enterprise and FireEye. Attacks have also become more complex. IBM and the Ponemon Institute report that the average time to spot and contain a data breach in 2021 was 287 days, a week longer than in 2020.

In this blog post, we discuss the different types of challenges that third party relationships present and outline specific ways to defend against them. Third party risk is created when companies in an organisation’s supply chain have access to its data, systems or privileged information. This can lead to issues such as data breaches, IP theft or other security incidents. Organisations can be held accountable for security breaches even if they originate from a third party.

A buffer overflow is a type of runtime error that allows a program to write past the end of a buffer or array — hence the name overflow — and corrupt adjacent memory. Like most bugs, a buffer overflow doesn’t manifest at every program execution. Instead, the vulnerability is triggered under certain circumstances, such as unexpected user input.

Healthcare organizations such as hospitals and clinics are vulnerable to all manner of cyberattacks, particularly phishing and business email compromise (BEC) scams, man-in-the-middle (MitM) attacks, and data breaches. Third-party risks and ransomware risks are also serious security problems in healthcare, especially in the post-COVID era. The medical world had already noted such cyberattacks years ago. The COVID-19 pandemic only underlined those worries about cyber attacks.

A possible method of attacking your code base is a bit of social engineering that involves using open source to report potential bugs in software that provides reproduction applications. These applications can include malicious code that can compromise your software and applications. In the blog post, we’ll briefly look at why and how they operate, and how to mitigate this practice.

Have you looked into some of the most well-known Active Directory (AD) attacks from around the world? Do you understand the nuances of these popular attacks and can you put the AD fundamentals you learned in the earlier parts of this blog series to good use?

Read also: Knauf Group hit with Black Basta ransomware, 50,000 payment cards compromised in the Magecart campaigns, and more.