Protexity

Suspicious of a URL? Copy and paste it into CyScan to gain insight into if it is a threat or not.

"The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence."

It is only a matter of time before a business is attacked. And when that happens, you're either in a resilient position, or you're not. Be proactive. Get your organization assessed and get those vulnerabilities resolved before they can be exploited.

"The most recent Darcula version (V2) was already sleek and user-friendly, with hundreds of templates that allowed subscribers to create phishing content mimicking companies from around the world. But the new version goes much further. Now users can simply copy and paste any URL into Darcula's interface — whether it belongs to Apple, Dark Reading, or their local coffee shop — and the platform will spit out a full-fledged phishing kit." https://lnkd.in/eJhUUpsR #phishing #cybersecurity #infosec #hacking #spam

Excellent blog on how to mitigate risks posed by device code phishing.

"Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks." ?

"CISA warned U.S. federal agencies on Thursday to secure their systems against ongoing attacks targeting a critical Microsoft Outlook remote code execution (RCE) vulnerability."

This is why at Protexity we have a big focus on mastering the basics. For a chain is only as strong as its weakest link. "The hack of a company that helps schools track tens of millions of students appears to be the largest breach of American children’s personal information to date, school officials and cybersecurity experts say." https://lnkd.in/dEGz-hsf #MFA #cyberattack #hacking #infosec

"SonicWall said?in an advisory?that the vulnerability in its SMA1000 remote access appliance, which companies use to allow their employees to remotely log in to their corporate networks as if they were in the office, allows anyone over the internet to plant malware on affected devices without needing a login for the system." #sonicwall #hacking #infosec #cybersecurity #malware

"Hidden text salting (or "poisoning") is an effective technique employed by threat actors to craft emails that can evade parsers, confuse spam filters, and bypass detection systems that rely on keywords. In this approach, features of the Hypertext Markup Language (HTML) and Cascading Style Sheets (CSS) are used to include comments and irrelevant content that are not visible to the victim when the email is rendered in an email client but can impact the efficacy of parsers and detection engines." #phishing #hacking #spam #email #cybersecurity #infosec #malware