One of the most common pieces of anti-phishing advice is to double-check the website’s domain name before providing your credentials. Typically, a fraudulent domain stands out to the trained eye, differing from the official URL by at least a few characters. Recently, however, Kaspersky encountered a campaign where attackers instruct victims to input data directly into a legitimate, trusted corporate site: the Microsoft Identity Platform, which supports an OAuth 2.0 specification known as the Device Authorization Grant.
This specific protocol extension was designed to simplify the login experience for smart TVs, IoT hardware, printers, and other input-constrained devices that lack a full browser or keyboard. It allows users to use a nearby smartphone or PC for authorizing these devices to access their accounts.
Read more…
Source: Kaspersky
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639
April 4, 2022
Trend Micro researchers discovered a vulnerability in suhelperd, a helper daemon process for Software Update in macOS. A class inside suhelperd, SUHelper, provides an essential system service through the inter-process communication (IPC) mechanism. The process runs as root and is signed with special entitlements, such as com.apple.rootless.install, which grants the process permission to bypass System ...
- How Does Cybersecurity Impact Environmental Services and Infrastructure?
April 4, 2022
Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity. Despite how different they may seem, these two topics are intertwined. If environmental services and infrastructure don’t embrace better security, the consequences could be severe. If organizations hope to make a positive environmental impact, ...
- An In-Depth Look at ICS Vulnerabilities Part 2
April 4, 2022
In part one, Trend Micro researchers discussed ICS-CERT advisories from 2010 to 2021. Using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS, determined the number of identified CVEs that affect the ICS environment. For this blog entry, Trend Micro look into the sectors affected, especially during 2021: Read more… Source: Trend Micro Related story: An In-Depth Look ...
- Borat RAT: Multiple threat of ransomware, DDoS and spyware
April 4, 2022
A new remote access trojan (RAT) dubbed “Borat” doesn’t come with many laughs but offers bad actors a menu of cyberthreats to choose from. RATs are typically used by cybercriminals to get full control of a victim’s system, enabling them to access files and network resources and manipulate the mouse and keyboard. Borat does all this ...
- Chinese hackers Deep Panda return with Log4Shell exploits, new Fire Chili rootkit
April 1, 2022
Deep Panda has launched new attacks this month that exploit Log4Shell to deploy the new Fire Chili rootkit. Deep Panda is a Chinese advanced persistent threat (APT) hacking group that has been active for at least a decade. The APT targets government, defense, healthcare, telecoms, and financial organizations, to name a few, for purposes including data ...
- Zyxel urges customers to patch critical firewall bypass vulnerability
April 1, 2022
Zyxel is urging customers to immediately patch a critical vulnerability in the vendor’s firewall software. In a security advisory published this week, the Taiwanese networking giant said the security flaw can lead to the circumvention of firewall protection in Zyxel USG, ZyWALL, FLEX, ATP, VPN, and NSG product lines. Tracked as CVE-2022-0342 and issued a critical severity ...

