News for August 3, 2022


Phishing Scam Targets Microsoft Email Users
by Artie Kaye

A new phishing scam is making use of Microsoft’s mail system to target businesses.  A link will be sent to a user, if clicked it will look official.  The attacks utilize adversary-in-the-middle (AiTM.)  This means that the data sent from the user travels through the hands of the attacker before reaching a legitimate end point, in this case Microsoft’s email service.  As the data passes through the middleman it is harvested when going out, taking the important information; the data is edited when returning, displaying what the attacker wants the user to see.  URL redirection is used to trick the user into believing they are clicking legitimate links.  

Take precautions with emails.  If you are sent a link from someone you do not know, don’t click it.  Hovering over the link will usually display where the link directs, in the case of this scam, it will point to a legitimate website, but part of the URL will be a redirection.  If you happen to click, check the URL you’re taken to in the browser bar.  If you are ever prompted to change your passwords, navigate to the site requesting the change manually and login to check if it is real, or part of a phishing scam.

For an in depth look into how these attacks function, please check the zscaler blog post linked below.

https://www.zscaler.com/blogs/security-research/large-scale-aitm-attack-targeting-enterprise-users-microsoft-email-services

https://www.darkreading.com/attacks-breaches/massive-new-phishing-campaign-targeting-microsoft-email-users

Android Patch Fixes Bluetooth Flaw
by Artie Kaye

Google this week has patched many critical flaws for Android.  An escalation vector within Bluetooth was fixed, as well as many issues relating to components used within the devices.  Update your phones when patches become available.

The flaw is listed as CVE-2022-20345.

https://www.securityweek.com/google-patches-critical-android-flaw-allowing-remote-code-execution-bluetooth

https://www.infosecurity-magazine.com/news/google-patches-critical-android/