Indeed platform hack: US execs targeted in phishing attacks

Oct 05 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that’s more concerned about the β€˜hurricane’ of cybercrime heading to our shores #SuelladeVil 😏

Today’s hottest cybersecurity news stories:

  • πŸ” Indeed platform hack: US execs targeted in phishing attacks 🎣

  • πŸ–₯️ Microsoft patches zero-day flaws in Edge, Teams, Skype 🩹

  • πŸ‘¨β€πŸ’» Hackers are exploiting bugs left & right via file transfer tool πŸ“₯

Indeed: We need better cybersecurity

Hackers: Indeed you do πŸ’€

 

giphy.com

 

πŸ”’ Cybersecurity Alert: Executives Targeted in New Phishing Scam! πŸ”

Wassup, cyber-squad! πŸ‘‹ We’ve got another hot cybersecurity scoop for you today! πŸ”₯

🚨 The Threat: Cybersecurity gurus at Menlo Security have issued a warning about a sneaky phishing campaign targeting big-shot executives. 😨 The attackers are using a clever trick involving the popular job-hunting site Indeed.

🌐 Indeed’s Popularity: Indeed, the go-to place for job seekers worldwide, with 350 million monthly visitors and 14,000 global employees, is the perfect disguise for these cybercriminals.

πŸ‘Ώ How They Do It: Starting in July 2023, these baddies exploited a weakness in Indeed’s website to trick victims into handing over their Microsoft credentials. 😑 They mainly went after C-suite executives in sectors like banking, insurance, property, and manufacturing.

πŸ“§ The Sneaky Email: Victims receive an email with a link that looks like it’s taking them to Indeed. But when they click it, they end up on a fake Microsoft login page created with the EvilProxy phishing framework.

πŸ”‘ What’s at Risk: The hackers steal not only login info but also session cookies, giving them access to victims’ Microsoft accounts, even getting around multi-factor authentication! 😱

πŸ€– Techy Stuff: This attack worked because Indeed’s website could be used to redirect visitors to shady places. The hackers even set up their phishing pages on special servers.

πŸš€ The Bigger Picture: Menlo Security says this is just the beginning. Once hackers have your account info, they can do all sorts of damage, from identity theft to major financial losses. 😰

πŸ”— Similar Attacks: Proofpoint recently spotted a similar phishing campaign targeting execs using a tool called EvilProxy, using services like YouTube for their tricks.

πŸ”’ Stay Safe: Always be cautious with emails and links, especially if they seem fishy. πŸ‘€ And make sure your online accounts have strong security settings.

πŸ“’ Action Pending: Menlo Security reported the issue to Indeed, but no word yet on a fix. We’ll keep you updated!

Keep those cyber-eyes peeled, and stay safe out there! πŸŒπŸ’»πŸ›‘οΈ

 

Clean your Mac or PC

 

Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.

That’s where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:

  • Remove junk files and malware to free up space and improve performance

  • Protect your privacy by erasing sensitive data

  • Optimize your startup settings to speed up boot times

  • Manage your extensions and apps to keep your Mac or PC running smoothly

Since 2008 MacPaw is trusted by over 30 million users worldwide, and it’s the perfect solution for keeping your Mac or PC safe and secure.

Microsoft Edges out bugs; Teams is no longer teeming 😁

πŸ›‘οΈ Microsoft Releases Urgent Security Updates! πŸ†˜

πŸš€ Microsoft has just dropped some critical updates to keep your digital world safe. Here’s what you need to know! πŸ€“πŸ”’

πŸ”₯ The Issue: Microsoft detected two sneaky zero-day vulnerabilities in some of its popular products – Edge, Teams, and Skype. 😱 These bugs are hiding in open-source libraries used by these apps.

πŸ› The Bugs: The first one, CVE-2023-4863, is caused by a weakness in the WebP code library (libwebp). It can lead to crashes or let attackers run their code on your device. The second, CVE-2023-5217, messes with the VP8 encoding in the libvpx video codec library, also causing crashes and allowing hackers to run their own code.

🌐 Widespread Impact: These libraries are used in many projects and apps, like web browsers (Safari, Firefox, Edge, Opera), 1Password, and Signal. So, it’s not just a Microsoft problem.

πŸ” Microsoft’s Response: Redmond acted fast and released patches for these issues. Affected products include Microsoft Edge, Microsoft Teams for Desktop, Skype for Desktop, and Webp Image Extensions. Keep your Microsoft Store updates on to get the fix automatically.

πŸ•΅οΈ Exploited in the Wild: These bugs were found being exploited by unknown attackers, but details are hush-hush. Apple, Google, and Citizen Lab reported them.

🚧 Watch Out: Be cautious! Until everyone gets the fix, some info might stay under wraps to protect users.

Stay sharp out there, and don’t forget to update your Microsoft apps! πŸš¨πŸ’»

🎣 Catch of the Day!! 🌊🐟🦞

Our new segment where we pick out some cool sites we like, reply to the mail and let us know what you think.

πŸƒΒ The Motley Fool: β€œFool me once, shame on β€” shame on you. Fool me β€” you can’t get fooled again.” Good ol’ George Dubya πŸ˜‚ Let us tell who’s not fooling around though; that’s the CrΓΌe πŸ‘€ at Motley Fool. You’d be a fool (alright, enough already! πŸ™ˆ) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! πŸ› Kidding aside, if you check out their website they’ve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets πŸ€‘Β (LINK)


🚡 Wander: Find your happy place. Cue Happy Gilmore flashback πŸŒοΈβ›³πŸŒˆπŸ•ŠοΈ Mmmm Happy Place… πŸ˜‡ So, we’ve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, it’s easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway 🏞️😍 (LINK)


🌊 Digital Ocean: If you build it they will come. Nope, we’re not talking about a baseball field for ghosts βšΎπŸ‘»πŸΏ (Great movie, to be fair πŸ™ˆ). This is the Digital Ocean who’ve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website you’ll find yourself catching the buzz even if you can’t code (guilty πŸ˜‘). But if you can and you’re looking for somewhere to test things out or launch something new or simply enhance what you’ve got, we’d recommend checking out their services fo’ sho πŸ˜‰ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! 🌿 (LINK)

Haters gonna hate & Hackers gonna hack πŸ˜‘

🚨 Cybersecurity Alert: Hackers Exploiting Browser & File Transfer Tool Bugs! πŸ›‘οΈ

Following on from the above story, let’s take a closer look at how these bad actors (nope, we’re not talking about Jackie Chan or Steven Seagal! πŸ™ˆ) have been exploiting these recently exposed vulnerabilities (some patched, some not πŸ’€).

🌐 Browser Bug Exploits: Hackers are having a field day with two vulnerabilities! The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on CVE-2023-5217. This bug affects Google Chrome, Mozilla Firefox, and more.

It’s being used by commercial spyware vendors. 😨 Google is keeping details hush-hush so users can install fixes. The bug messes with a media tool in browsers and potentially other platforms, making it a big concern. πŸ•΅οΈβ€β™‚οΈ

πŸ”„ Open Source Insecurity: The flaws in these tools raise eyebrows about the security of open source software, which is used in many products. The White House even held a summit addressing this issue recently.

πŸ“ File Transfer Tool Under Attack: Progress Software, the creators of MOVEit, found vulnerabilities in WS_FTP Server. Experts initially breathed a sigh of relief, but then the first exploitation cases were spotted.

Ransomware gangs might be getting in on the action. A proof-of-concept exploit was published, which didn’t sit well with Progress Software. They urge users to patch up quickly. πŸ›‘οΈ

πŸ” The Numbers Game: Estimates vary on the number of vulnerable systems, but it’s a serious issue affecting large organisations, governments, and educational institutions. Cautious optimism remains, as some servers have disabled the vulnerable module. πŸ“Š

Stay on your guard, update your software, and keep an eye out for the latest security news. πŸš€πŸ’»

πŸ—žοΈ Extra, Extra! Read all about it!

Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!

  • πŸ’ŠΒ HealthHack:Β Tech is making it easier than ever to reach your fitness goals, from wearable devices to nutrition apps, this newsletter does the research for you, get all the latest health tech gadgets delivered to your inbox.

  • β‚Ώ Crypto Nutshell: A well written and beautifully designed newsletter giving you the lowdown on crypto and web3, highly recommend if interested to get up to date info on the crypto/web3 market.

  • 🧠 Big Brain: Trending AI news, jobs and tools delivered in 3 minutes per day.

Let us know what you think!

So long and thanks for reading all the phish!

Recent articles