MSMQ, CLFS, Fortinet, Spectre redux, Google Pay, BingBots, Aaran Leyland, and More – SWN #289
MSMQ, CLFS, Fortinet, Spectre redux, Google Pay, BingBots, Aaran Leyland, and More on this episode of the Security Weekly News.
Hosts
Doug White
Professor at Roger Williams University
- 1. Leaked documents passed through Discord, Telegram, and 4Chan before reaching the public – The Boston Globe
- 2. Windows admins warned to patch critical MSMQ QueueJumper bug
- 3. Windows Zero-Day Exploited in Nokoyawa Ransomware Attacks
- 4. Windows 11 is getting a new ‘Presence sensing’ privacy setting
- 5. Fortinet Patches Critical Vulnerability in Data Analytics Solution
- 6. Linux kernel logic allowed Spectre attack on major cloud
- 7. Improve security by adopting aviation’s ‘just culture’
- 8. Google Pay mistakenly gives away free cash
- 9. Analysis
Aaran Leyland
Cyber security lead EMEA at Defence
- 1. Microsoft: Phishing attack targets accountants as Tax Day approaches
Microsoft is warning of a phishing campaign targeting accounting firms and tax preparers with remote access malware allowing initial access to corporate networks.
With the USA reaching the end of its annual tax season, accountants are scrambling to gather clients' tax documents to complete and file their tax returns.
Due to this, it makes it an ideal time for threat actors to target tax preparers, hoping that they mistakenly open malicious files that they would generally be more careful with when less busy.
https://learn.microsoft.com/en-us/microsoft-365/security/intelligence/phishing?view=o365-worldwide
