Exchange/Outlook Autodiscover Bug Exposed $100K Email Passwords

  Guardicore Security Researcher, Amit Serper identified a critical vulnerability in Microsoft’s autodiscover- the protocol, which permits for the automatic setup of an email account with only the address and password needed.  The vulnerability allows attackers who buy domains containing the word “autodiscover,” such as autodiscover.com or autodiscover.co.uk, to capture the clear-text login details of […]

Continue Reading

Malware Creators Use Malformed Certificates To Trick Windows Validation

  Google researchers have identified malware developers generating malformed code signatures that appear to be valid in Windows to bypass security software. This technique is actively used to spread OpenSUpdater, a family of unwanted software known as riskware, which plants advertisements into targets’ browsers and installs other redundant programs on their machines. Researchers believe the […]

Continue Reading

Employees in Retail Industry Most Frequently Targeted by Malicious Emails, New Study Reveals

  A new study from security firm Tessian highlights the sophisticated techniques employed by threat actors to evade detection and trick employees. Between July 2020-July 2021, two million malicious emails bypassed traditional email defenses, like secure email gateways, placing many employers at risk of data breach and cyber fraud.  According to the study, retail industry […]

Continue Reading