Cybersecurity researchers have discovered a case of “forced authentication” that could be exploited to leak a Windows user’s NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file.
The attack takes advantage of a legitimate feature in the database management system solution that allows users to link to external data sources, such as a remote SQL Server table.
“This feature can be abused by attackers to automatically leak the Windows user’s NTLM tokens to any attacker-controlled server, via any TCP port, such as port 80,” Check Point security researcher Haifei Li said. “The attack can be launched as long as the victim opens an .accdb or .mdb file. In fact, any more-common Office file type (such as a .rtf ) can work as well.”
“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses (SMBs) faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a security platform and services to SMBs and managed service providers (MSPs).
As technology continues to evolve and expand its reach into every facet of our lives, so do the threats posed by cyber criminals and nation-state actors. In our Google Cloud Cybersecurity Forecast 2024, we note several cybersecurity trends that organizations should prepare for in the coming year.
With the holiday season upon us, beware “gifts” nobody wants: email fraud and cyberattacks.
Cybercriminals take advantage of consumers’ attention on a particular subject — like, for example, Black Friday or Cyber Monday sales — to run scams, or they use the distraction of the moment to cause disruption.
They’ll slip into the rush of urgent emails offering limited-time deals, hoping to disguise themselves as legitimate retailers. With the National Retail Federation predicting a record high in spending over the holidays in 2023, cybersecurity is especially important.