WEEKLY CYBERSECURITY NEWSLETTER NO: 237
#WeeklyCybersecurityTip: Run effective phishing tests regularly for your employees.
Download newsletter here. To receive these direct to your inbox, sign up here.
1- Morgan Stanley fined millions for selling off devices full of customer PII
Morgan Stanley, which bills itself in its website title tag as the “global leader in financial services”, and states in the opening sentence of its main page that “clients come first”, has been fined $35,000,000 by the US Securities and Exchange Commission (SEC)… …for selling off old hardware device…Read more
2- URGENT! Microsoft Exchange double zero-day – “like ProxyShell, only different”
Just when you hoped the week would quieten down and yield you some SecOps downtime over the weekend… …and along comes a brand new zero-day hole in Microsoft Exchange! More precisely, two zero-days that can apparently be chained together, with the first bug used remotely to open enough of a hole to t…Read more
3- NetSupport RAT Uses Social Engineering Toolkits to Deploy Malware on Victim’s System
4- Hackers Targeting Multiple Military & Weapons Contractor Companies Using Powershell Stagers
Securonix Threat Labs has identified a new covert attack campaign targeting Military and Weapons Contractor companies including an F-35 Lightning II fighter aircraft components supplier. This campaign involved the use of PowerShell, secured C2 infrastructure and multiple layers of obfuscation in the…Read more