Cybercriminals use Azure Front Door in phishing attacks

From helpnetsecurity.com

Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in one of the malicious campaigns impersonated various services appearing to be legitimately created on the “azurefd.net” domain. This allows the bad actors to trick users and spread phishing content to intercept credentials from business applications and e-mail accounts.


What’s happening in Ukraine on the Internet? – Data from Shodan Trends

From malware.news

JPCERT/CC Cyber Metrics Group utilizes various kinds of data in order to understand what is happening on the Internet and call for appropriate cybersecurity measures based on the analysis. For example, we operate TSUBAME [1], an Internet threat monitoring system, and Mejiro [2], an Internet risk visualization service. In this article, we used data from Shodan Trends to check how the recent situation in Ukraine looks on the Internet.


StillVulnerable Campaign for cyber attack victims to Speak Up

From cybersecurity-insiders.com

All these days, we have seen companies sharing their cyber attack experiences and intelligence with government and monitoring groups. But now, here’s a new platform where victims like businesses, activists and institutions can directly speak or share their digital assault experiences with the world.

Digital Peace Now launched a StillVulnerable campaign, which acts as a platform where company representatives and individuals can speak about how a digital disruption has changed their lives by hitting their company hard operationally and financially.


Hackers Used Mitel Zero-Day Flaw To Target VOIP Appliances

From gbhackers.com

On Linux-based Mitel MiVoice VOIP appliances, hackers have used zero-day exploits to hack into the systems. These attempts appear to be the beginning of a larger ransomware attack in which they are attempting to get initial access.

The most critical organizations in various sectors rely on Mitel VOIP devices for their telephone communication needs. An attack that amplifies DDoS attacks was also recently perpetrated by threat actors exploiting these vulnerable devices.

The security experts at CrowdStrike have claimed that the breach was first exploited to get access to the network through a zero-day RCE vulnerability that has been tracked as “CVE-2022-29499.”


Threat actors stole $100M in crypto assets from Harmony

From securityaffairs.co

The incident response team announced that it has found no evidence of any breaches of the company smart contract codes or vulnerabilities on the Horizon platform. Harmony pointed out that the consensus layer of the Harmony blockchain remains secure.

“Our incident response team has discovered evidence that private keys were compromised, leading to the breach of the Horizon bridge. Funds were stolen on the Ethereum side of the bridge. The private keys were encrypted and stored by Harmony, with the keys doubly encrypted via passphrase and a key management service, and no single machine had access to multiple plaintext keys,” states the update published by the company. “The attacker was able to access and decrypt a number of these keys, including those used to sign the unauthorized transactions and take assets in the form of BUSD, USDC, ETH and WBTC. All assets were then swapped to ETH and currently remain on the hacker’s account on the Ethereum network. No steps have currently been taken by the hacker to anonymize ownership of these assets.”


Scammer Who Used Info of Riot Games’ Co-Founder to Mine Crypto is Jailed

From hackread.com

A Singaporean national, Ho Jun Jia (a/k/a Matthew Ho, a/k/a Prefinity, a/k/a Ethereum Vendor), has been sentenced to ten years in jail for several offenses. He was sentenced on Thursday after pleading guilty to twelve charges, including cheating, drug consumption, and unauthorized access to computer material.

According to local media, fifteen additional charges were also considered for his sentencing. The convict is currently out on bail after his father paid $180,000. District Judge Brenda Tan let Ho defer serving a sentence by a month to fulfill personal commitments.


Windows 10 22H2 accidentally confirmed by latest preview update

From bleepingcomputer.com

Microsoft has accidentally leaked that Windows 10 22H2 is on its way by including an enablement package in the latest Windows 10 KB5014666 preview update available to Insiders on the Release channel.

While Microsoft has always said that Windows 10 would continue to be supported through October 14, 2025, there has been no official announcement from Microsoft regarding the next version of the operating system.

Today, Microsoft has released the Windows 10 KB5014666 cumulative update preview to Windows Insiders on the Release channel, allowing them to test upcoming fixes before they are previewed by the larger Windows 10 user base next week.

According to Windows Latest, the latest Insider preview update includes an enablement package that allows you to “turn on” Windows 10 22H2 in the latest Windows 10 build with KB5014666 installed.

An enablement package acts as a “master switch” that enables dormant features already present in Windows 10 21H1 and upgrades the Windows version and build number.

Neowin, who also spotted the leak, provided additional instructions on enabling the package, which can be entered in a Windows 10 elevated command prompt.
