InfoSec Dot - Issue #25. 🔒 Phishing Scams Evolve | 🌍 Google’s Anti-Fraud Project | 🛡️ Okta Security Patch
Latest cybersecurity news and updates
Hi there,
Welcome to this Thursday's quick update edition of InfoSec Dot!
In this week’s issue, we tackle some pressing cybersecurity challenges and notable updates. Microsoft reports a troubling rise in phishing attacks leveraging trusted file-hosting services, while Google launches a global platform to tackle fraud and scams. We also cover Okta's recent patch addressing a policy bypass vulnerability in its Classic Applications.
With each article, we aim to keep you informed on how cyber threats are evolving and how to stay one step ahead.
Let’s dive in!
🗓️ What’s New
Palo Alto Networks Patches Critical Firewall Vulnerabilities
Palo Alto Networks has issued patches for several critical vulnerabilities in its PAN-OS firewalls, including issues that could allow unauthorized command execution and access to sensitive data. The vulnerabilities, with CVSS scores as high as 9.9, impact versions of the Expedition tool and underscore the need for immediate updates. Palo Alto Networks recommends that customers update their systems and rotate all credentials associated with affected firewalls. Read more (3 Mins)
Casio Confirms Unauthorized Network Access Incident
Casio has reported a network intrusion discovered on October 5, which resulted in system disruptions affecting some of its services. The company is working with external experts to investigate the breach and determine if any personal or sensitive information was compromised. Casio has taken immediate steps to limit external access and has notified relevant authorities about the incident. Read more (2 Mins)
MoneyGram Data Breach Exposes Customer Information
MoneyGram has disclosed a data breach that exposed customer personal information and transaction data. Hackers gained unauthorized access, compromising sensitive details such as names, addresses, and transaction histories. MoneyGram is currently investigating the breach and has taken steps to bolster its security measures to protect against future incidents. Read more (3 Mins)
Microsoft October 2024 Patch Tuesday Fixes 5 Zero-Days, 118 Vulnerabilities
Microsoft's October 2024 Patch Tuesday includes fixes for 118 security flaws, five of which are zero-day vulnerabilities, with two being actively exploited. These updates address critical vulnerabilities, including remote code execution and privilege escalation issues, across various components. Users are urged to apply the patches immediately to secure their systems against potential threats. Read more (6 Mins)
Apple Introduces iPhone Mirroring on Mac with Potential Security Concerns
Apple's new iPhone Mirroring feature in macOS Sequoia and iOS 18 allows users to control their iPhone directly from a Mac, providing seamless app access and notifications. While this feature enhances productivity, it may also expose personal applications to corporate IT environments, raising potential privacy and security concerns for employees. Apple advises users to follow security best practices when utilizing this functionality. Read more (5 Mins)
Google Launches Global Scam and Fraud Data Exchange Project
Google has introduced the Global Signal Exchange (GSE), a platform designed to centralize and share data on scams and fraud. Developed in partnership with the Global Anti-Scam Alliance and DNS Research Federation, GSE aims to improve scam identification and disrupt fraudulent activities by sharing abuse signals globally. The platform will leverage AI to detect patterns and will initially be piloted with scam data from Google Shopping. Read more (3 Mins)
Okta Patches Sign-On Policy Bypass in Classic Applications
Okta has issued a security advisory addressing a vulnerability in its Classic Application sign-on policy. The flaw could allow unauthorized users to bypass sign-on policies, potentially gaining access to restricted applications. Okta has recommended immediate updates and configuration changes for affected users to mitigate this issue and maintain secure access controls. Read more (2 Mins)
File Hosting Services Misused for Phishing
Microsoft reports a rise in phishing attacks exploiting trusted file hosting services like OneDrive, Dropbox, and SharePoint. Threat actors are using techniques such as view-only access and restricted sharing to avoid detection, making phishing links appear legitimate. These tactics are often used to facilitate business email compromise (BEC) attacks. Microsoft recommends using Conditional Access policies and multi-factor authentication (MFA) to protect against these sophisticated threats. Read more (10 Mins)
🔗 Quick Links
Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz
Find the Right Open Source Research Tools With Bellingcat’s New Online Investigations Toolkit
How Generative AI Can Transform Security Tools: Innovations Ahead
Evasion Tactics Used By Cybercriminals To Fly Under The Radar
If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.
If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.
Regards,
Dot