7 deadly NFT scams that are targeting brands
Learn about seven significant non-fungible token (NFT) cybersecurity risks that security leaders must be aware of.
ISC StormCast for Tuesday, June 7th, 2022
MS-MSDT RTF Maldocs Analysis oledump Plugins
https://isc.sans.edu/forums/diary/msmsdt+RTF+Maldoc+Analysis+oledump+Plugins/28718/
Cybercriminals Exploit Reverse Tunnel Services and URL Shorteners
https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/
Unpatched Horde Webmail Bug
https://blog.sonarsource.com/horde-webmail-rce-via-email/
Clickstudio (Passwordstate) Code Signing Cert Used by Follina Malware
https://cloudsek.com/whitepapers_reports/cybercriminals-exploit-reverse-tunnel-services-and-url-shorteners-to-launch-large-scale-phishing-campaigns/
.jpg?1654528879)
Axon Ethics Board members resign after company announces plans to build taser-equipped drones
Nine Axon AI Ethics Board members resigned following Axon’s announcement last week that it will build drones equipped with Tasers and real-time surveillance to tackle mass shootings.
Chris Krebs named Chair of Rubrik’s New CISO Advisory Board
As Chair of Rubrik’s CISO Advisory Board, Chris Krebs will create and lead a strategic CISO advisory board to help private and public sector organizations tackle the unprecedented growth of cyberattacks, including ransomware.
ISC StormCast for Monday, June 6th, 2022
Sandbox Evasion… With Just a Filename!
https://isc.sans.edu/forums/diary/Sandbox+Evasion+With+Just+a+Filename/28708/
Atlassian Exploit Released
https://www.rapid7.com/blog/post/2022/06/02/active-exploitation-of-confluence-cve-2022-26134/
GitLab Critical Security Release
https://about.gitlab.com/releases/2022/06/01/critical-security-release-gitlab-15-0-1-released/
U-Boot Vulnerablities
https://research.nccgroup.com/2022/06/03/technical-advisory-multiple-vulnerabilities-in-u-boot-cve-2022-30790-cve-2022-30552/
Unisoc Baseband Chip Vulnerability
https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/
Security researchers target bug bounties for cyber insights
Do security researchers and ethical hackers learn more about cybersecurity from their employer, schooling or bug bounty experience? The Ethical Hacker Insights Report 2022 surveyed 1,181 people with cybersecurity experience to learn more.
Four disruptions to plan for in the event of severe weather
To help prepare for weather disasters, consider these four most common weather-related disruptions to the business.
How LiDAR augments camera systems and security operations
While LiDAR won’t be replacing camera systems any time soon, the technology can help turn idle cameras into smart security devices to increase security response and reduce false alarms.
Using voice to improve your emergency evacuation plan
During emergency evacuations, security teams need voice and audio technology at their fingertips to enhance situational awareness, communicate clear instructions, institute a safe exit.
