One of the most common pieces of anti-phishing advice is to double-check the website’s domain name before providing your credentials. Typically, a fraudulent domain stands out to the trained eye, differing from the official URL by at least a few characters. Recently, however, Kaspersky encountered a campaign where attackers instruct victims to input data directly into a legitimate, trusted corporate site: the Microsoft Identity Platform, which supports an OAuth 2.0 specification known as the Device Authorization Grant.
This specific protocol extension was designed to simplify the login experience for smart TVs, IoT hardware, printers, and other input-constrained devices that lack a full browser or keyboard. It allows users to use a nearby smartphone or PC for authorizing these devices to access their accounts.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Mirai Variant V3G4 Targets IoT Devices
February 15, 2023
From July to December 2022, Unit 42 researchers observed a Mirai variant called V3G4, which was leveraging several vulnerabilities to spread itself. The vulnerabilities exploited include the following: CVE-2012-4869: FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727: FRITZ!Box Webcam Remote Command Execution Vulnerability Mitel AWC Remote Command Execution Vulnerability Read more… Source: Palo Alto Unit 42
- IoC detection experiments with ChatGPT
February 15, 2023
ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such as answering questions, summarizing text, and even solving cybersecurity-related ...
- Scandinavian Airlines hit by cyber attack
February 15, 2023
Scandinavian airline SAS said it was hit by a cyber attack Tuesday evening and urged customers to refrain from using its app but later said it had fixed the problem. News reports said the hack paralyzed the carrier’s website and leaked customer information from its app. Read more… Source: Skift
- Pepsi Bottling Ventures says info-stealing malware swiped sensitive data
February 14, 2023
Crooks have breached Pepsi Bottling Ventures’ network and, after deploying info-stealing malware, made off with sensitive personal and financial information according to a notification sent to consumers. The breach happened on or around December 23, 2022. However, Pepsi Bottling Ventures – America’s largest manufacturer and distributor of Pepsi-Cola beverages – didn’t discover the unauthorized activity until ...
- New stealthy ‘Beep’ malware focuses heavily on evading detection
February 14, 2023
A new stealthy malware named ‘Beep’ was discovered last week, featuring many features to evade analysis and detection by security software. The malware was discovered by analysts at Minerva after a flurry of samples were uploaded to VirusTotal, an online platform for file scanning and malicious content detection. Read more… Source: Bleeping Computer
- Romance scam targets security researcher, hilarity ensues
February 14, 2023
It sounds like the plot of a somewhat far-fetched romcom-slash-thriller Netflix series, maybe billed as You meets Your Place or Mine, dropping just in time for Valentine’s Day. In it, a pig butchering romance scammer targets her next victim: Sophos’s lead threat researcher. The security biz would probably want us to make very clear that no ...

