However, we can find some compelling clues about the extent of this operation by loading the phishing page in Developer Tools, a set of debugging features built into Firefox, Chrome and Safari that allow one to closely inspect a webpage’s code and operations.Ĭheck out the bottom portion of the screenshot below, and you’ll notice that this phishing site fails to load some external resources, including an image from a link called fly.linkcdnto.Ī search on this domain at the always-useful URLscan.io shows that fly.linkcdnto is tied to a slew of USPS-themed phishing domains. This phishing domain was recently registered and its WHOIS ownership records are basically nonexistent. After collecting your address information, the fake USPS site goes on to request additional personal and financial data. The remaining buttons on the phishing page all link to the real website. Fill in the correct address info by the link.” Below that message is a “Click update” button that takes the visitor to a page that asks for more information. The landing page generated by the phishing link includes the USPS logo, and says “Your package is on hold for an invalid recipient address. Clicking the link in the text message brings one to the domain rmedtrckcom. KrebsOnSecurity recently heard from a reader who received an SMS purporting to have been sent by the USPS, saying there was a problem with a package destined for the reader’s address. Here’s a look at an extensive SMS phishing operation that tries to steal personal and financial data by spoofing the USPS, as well as postal services in at least a dozen other countries. Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. In this month’s Patch Tuesday release by Microsoft, they have released both an update to this vulnerability, as well as a temporary workaround should you not be able to patch immediately.” Continue reading → “It is crucial for organizations to apply the latest patches and updates from their web server vendors to mitigate this vulnerability and protect against such attacks,” Silva said. Natalie Silva, lead security engineer at Immersive Labs, said this flaw’s impact to enterprise customers could be significant, and lead to prolonged downtime. “This lets attackers skip waiting for responses, resulting in a more efficient attack,” Menscher explained. Google’s Damian Menscher wrote on Twitter/X that the exploit - dubbed a “ rapid reset attack” - works by sending a request and then immediately cancelling it (a feature of HTTP/2). This weakness is not specific to Windows but instead exists within the HTTP/2 protocol used by the World Wide Web: Attackers have figured out how to use a feature of HTTP/2 to massively increase the size of distributed denial-of-service (DDoS) attacks, and these monster attacks reportedly have been going on for several weeks now.Īmazon, Cloudflare and Google all released advisories today about how they’re addressing CVE-2023-44487 in their cloud environments. For anyone keeping count, this is the 17th zero-day flaw that Apple has patched so far this year.įortunately, the zero-days affecting Microsoft customers this month are somewhat less severe than usual, with the exception of CVE-2023-44487. However, as Bleeping Computer pointed out, this flaw is caused by a weakness in the open-source “ libvpx” video codec library, which was previously patched as a zero-day flaw by Google in the Chrome browser and by Microsoft in Edge, Teams, and Skype products. The patch fixes CVE-2023-42724, which attackers have been using in targeted attacks to elevate their access on a local device.Īpple said it also patched CVE-2023-5217, which is not listed as a zero-day bug. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.Īpple last week shipped emergency updates in iOS 17.0.3 and iPadOS 17.0.3 in response to active attacks. Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |