Cybercriminals are now launching a highly targeted phishing campaign impersonating Pfizer. The goal of these phishing emails seems to be stealing business and financial information.
What has happened?
According to a report from INKY, the phishing campaign started on August 15.
- The attackers are using clean PDF attachments with newly registered domains that seem to be valid Pfizer online spaces. Then, they use spawn email accounts for email distribution to bypass email protection.
- The domains were registered using the famous domain name registrar Namecheap that accepts cryptocurrency as a payment method, providing anonymity to threat actors.
- The register domains (e.g. pfizer-nl[.]com) may easily fool unsuspecting users into believing it’s the genuine online portal of Pfizer Netherlands.
Honeypot experiment reveals what hackers want from IoT devices
A three-year-long honeypot experiment featuring simulated low-interaction IoT devices of various types and locations gives a clear idea of why actors target specific devices.
More specifically, the honeypot was meant to create a sufficiently diverse ecosystem and cluster the generated data in a way that determines the goals of adversaries.
Lenovo Laptops Vulnerable to Privilege Escalation Exploit
A privilege elevation flaw impacting the ImControllerService service in Lenovo laptops, including ThinkPad and Yoga models, enables cybercriminals to perform commands with admin rights.
According to BleepingComputer, the vulnerabilities are identified as CVE-2021-3922 and CVE-2021-3969 and impact the ImControllerService component of all Lenovo System Interface Foundation versions below 188.8.131.52. When visualizing the Windows services screen, this service has the display name “System Interface Foundation Service.”
Read more Cyber Security News at https://que.com/tag/cybersecurity/