The NJCCIC’s email security solution detected a new credential and card harvesting phishing scheme impersonating American Express. Several subject lines were utilized in this campaign. Upon clicking the provided link, users are redirected to a webpage imitating a login page.
The NJCCIC recently received an incident report regarding search engine optimization (SEO) poisoning. An individual searched for Facebook’s Help Center using a popular search engine and found a fictitious 1-888 phone number for Facebook Support as one of the top results.
Ransomware continues to dominate the threat landscape, posing significant risks to organizations. The NJCCIC continues to receive reports of ransomware incidents impacting New Jersey private and public sector organizations, including educational institutions and local governments.
Multiple vulnerabilities have been discovered in Ivanti Cloud Services Application (CSA), the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Click to read more.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs, and more.
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Commodity phishing attacks, known as Phishing-as-a-Service (PhaaS) kits, remain prevalent due to their low cost, anonymity, and ease of execution. Advanced in-the-middle (AiTM) techniques allow attackers to bypass additional security measures such as MFA.
Researchers have discovered a new phishing campaign utilizing Microsoft’s Word file recovery feature. In this campaign, threat actors exploit the corrupted file state to disguise the file type and evade detection by security tools. These emails pretend to be sent from human resources...
In 2023, SpyCloud reported that 61 percent of data breaches were associated with infostealer malware. Cyber threat actors use infostealers to exfiltrate sensitive data on the systems they infect, such as saved browser passwords and cookies, cryptocurrency wallets, and more.
