Train Company Under Fire for Insensitive Phishing Simulation Emails
Phishing simulations are an important way to test resilience to phishing attacks, but a British train company has discovered these campaigns can easily backfire if care is not taken when selecting suitable lures for the phishing simulation emails. West Midland Trains recently sent a phishing simulation email to staff that had all the hallmarks of a real-world phishing attack. The emails looked realistic, they appeared to have been...
Largest Fuel Pipeline in United States Shut Down due to Ransomware Attack
The largest fuel pipeline in the United States has been forced to shut down due to a ransomware attack, with the United States declaring a state of emergency over the attack. Colonial Pipeline confirmed the cyberattack occurred over the weekend. The decision was taken to take its systems offline to contain the threat, which has resulted in a temporary halt to all pipeline operations. The 5,500-mile fuel pipeline passes through 12...
12-Year-Old Vulnerabilities Place Millions of Dell Devices at Risk
Hundreds of millions of Dell devices are vulnerable to firmware update driver flaws that could potentially be exploited to achieve remote code execution. The vulnerabilities were identified by security researchers at SentinelOne, and have been present in Dell laptops, desktops, and tablets since 2009. The five vulnerabilities have been combined under a single CVE tracking number – CVE-2021-21551 – which has been assigned a CVSS v3...
Trifecta of Sophisticated Malware Distributed in Spear Phishing Campaign
Three new sophisticated malware variants are being distributed by an Advanced Persistent Threat (APT) group in a large-scale global phishing campaign, according to a new report from FireEye’s Mandiant cybersecurity team. The new malware variants – dubbed DoubleDrag, DoubleDrop, and DoubleBack – are being distributed using 50 domains and one legitimate compromised domain of an HVAC company. Based on the infrastructure used, the...
Patch Released for Actively Exploited Pulse Connect Secure VPN Vulnerability
Pulse Secure has released a patch for the actively exploited zero-day vulnerability – CVE-2021-22893 – in the Pulse Connect Secure SSL VPN appliance. Last week, FireEye researchers announced they had identified instances where the flaw had been exploited by threat groups, with one of those groups believed to be a Chinese Advanced Persistent Threat actor. Exploitation of the flaw could allow unauthenticated remote attackers to...