Phishing Attacks Disguised as Fake Cert Errors on Cisco Webex Used to Steal User Credentials

Cisco | May 07, 2020

  • Convincing series of phishing attacks are using fake certificate error warnings with graphics and formatting lifted from Cisco Webex emails to steal users' account credentials.

  • According to stats shared by email security company Abnormal Security, these phishing emails have already landed in the mailboxes.

  • The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator.


Cisco Webex is a video and team collaboration solution that helps users set up video conferences, webinars, online meetings, and share their screens with their colleagues and friends. The platform is currently facing an influx of new users due to the unusual remote working increase caused by the COVID-19 pandemic. According to stats shared by email security company Abnormal Security, these phishing emails have already landed in the mailboxes of up to 5,000 targets that use Cisco Webex while working remotely.


The attackers induce a sense of urgency with their phishing messages by using cloned graphics and formatting designed to closely mimic automated SSL certificate error alerts that Cisco Webex would send to users. The phishing emails impersonate the Cisco Webex Team and warn the targets that they have to verify their accounts as they are blocked by the administrator because of Webex Meetings SSL cert errors. Users are then requested to click on an embedded 'Log in' hyperlink that will allow them to sign in and unlock their accounts.



Learn more: PHISHING KITS BECOME “BESTSELLER” IN THE UNDERGROUND MARKET: RESEARCH
 

"The attacker could use the compromised user account to send further attacks within the organization and to external partners," .

~ Researchers say .


Seeing that this phishing campaign almost perfectly clones, it should be able to bypass at least some Secure Email Gateways' (SEGs) protections and convince many of the targets to visit the attackers' phishing landing page instead of deleting or sending the phishing emails to the Spam folder. Other video conferencing platforms' users are also being targeted during this challenging time because of the increase in the number of remote workers.

“For instance, another highly convincing phishing campaign spotted by Abnormal Security las month used cloned imagery from automated Microsoft Teams alerts to harvest Office 365 credentials from almost 50,000 users” .


Other video conferencing platforms' users are also being targeted during this challenging time because of the increase in the number of remote workers. Phishing attacks are also targeting Zoom users with fake Zoom meeting notifications being used to threaten potential victims who work in corporate environments that their contracts will be suspended or terminated, with the end goal of harvesting their email addresses and passwords.


What makes all these phishing campaigns even more dangerous than regular ones is that their targets are currently being flooded with alerts from various online collaboration services which makes them prone to ignoring any red flags that would otherwise enable them to recognize such attacks. Real users explain how to implement robust protection with Cisco Email Security’s sophisticated filtering, built-in intelligence and policy definition and enforcement capabilities.


Learn more: COVID-19 AND AMYGDALA HIJACKING IN CYBER SECURITY SCAMS .
 

Spotlight

Cyber defense requires exceedingly complex, analyst-intensive systems that must operate under constant siege. Improvements necessitate a solution approach that accounts for architecture, people, and processes.


Other News
DATA SECURITY

Dataprise Expands its DRaaS and Data Protection Offerings with Acquisition of Industry Leader Global Data Vault

Dataprise | January 18, 2022

Dataprise, a leading strategic IT managed service provider, today announced the acquisition of Global Data Vault, a leader in Disaster-Recovery-as-a-Service (DRaaS), Backup-as-a-Service (BaaS) and modern data protection solutions. The addition of Global Data Vault creates one of the industry's broadest portfolios of integrated data protection and cybersecurity offerings to solve client's toughest business resilience, risk mitigation and compliance challenges. "Clients turn to Dataprise to be their one strategic IT partner, which requires we bring the broadest portfolio of services powered by the best technology and deepest expertise. Today, the mandate for a holistic cybersecurity and data protection strategy is a top priority for our clients, Global Data Vault is a powerful addition as they bring industry leading cloud-based data protection solutions that bolster our premier cybersecurity portfolio, top-notch employees, a strong Veeam partnership, and relentless focus on client success." Steve Lewis, CEO of Dataprise Founded in 2004, Global Data Vault is a recognized leader in the BaaS and DRaaS industry and holds the distinction of being a Platinum Veeam Cloud & Service Provider. Global Data Vault's mission is to protect organizations' critical data with modern data protection strategies to ensure business continuity and eliminate downtime. Headquartered in Dallas, TX, Global Data Vault protects hundreds of clients across the United States, Canada, and the United Kingdom. "Our clients are facing new challenges driven by dramatic changes in the cybersecurity threat landscape and evolution of IT strategies including cloud adoption," said Anthony Galley, Chairman of Global Data Vault. "Dataprise has an enviable portfolio of cybersecurity, managed IT services, and cloud services that enhance the value of our modern data protection and DRaaS offerings. Together with Dataprise we are perfectly positioned to provide our clients even greater value." "We're excited for the opportunity that joining Dataprise presents for our clients, employees and partners. We now have a much broader set of services, capabilities and resources all aimed at protecting client data and ensuring business continuity," said Will Baccich, CEO of Global Data Vault. This marks Dataprise's second acquisition as the company executes on its strategy to build the broadest managed services portfolio and give clients one strategic IT partner to solve it all. The recent acquisition of Wireless Watchdogs added a comprehensive Mobility Managed Services (MMS) and Mobile Device Management (MDM) portfolio aimed at solving mobile device, Internet of Things (IoT) and endpoint management challenges. About Dataprise Founded in 1995, Dataprise believes that technology should enable our clients to be the absolute best at what they do. This commitment to client success is why Dataprise is recognized as the premier strategic managed service and security partner to strategic CIOs and IT leaders across the United States. Dataprise delivers best-in-class managed cybersecurity, disaster recovery as a service (DRaaS), managed infrastructure and managed end-user services that transform business, enhance user experiences, and eliminate risks.

Read More

Thought leaders come together to discuss the futureof developer relations in a remote-first world

SlashData | September 19, 2020

For immediate release London, United Kingdom Media contact at SlashData Ltd. Viktorija Ignataviciute viktorija@slashdata.co Best practises engaging Open Source and DevOps developers Developer trends; Tracking Covid effect on the industry While industries, businesses and individuals are being challenged significantly, the Future Developer Summit is determined to turn this into an enhanced learning opportunity, open to all Developer Relations, Marketing and Advocacy community members. Traditionally hosted in the Bay Area, CA, the 5th Future Developer Summit invites its guests to join the event remotely on 29-30 Sep & 6-7 Oct, ensuring the safety of all stakeholders. For the first time this year, the Summit offers 2 tracks: Open Source and DevOps. Thought leaders at the Future Developer Summit Industry leaders are coming together to discuss the future of developer marketing and developer relations. Director and VP level representatives from CNCF, Google, Microsoft, Comcast, HashiCorp, Intel, Salesforce, Facebook, MongoDB, Futurewei, Eclipse Foundation, Indeed.com, Expedia, Nutanix, and more. Jono Bacon - author of “People Powered” and Mary Thengvall - Director of Developer Relations at Camunda are joining as event’s co-hosts. Follow new announcementsat futuredeveloper.io/ Keynotes by: • Mike Milinkovich, Executive Director at Eclipse Foundation • Nithya Ruff, Executive Director, OSPO at Comcast • Stormy Peters, Director of Open Source Programs Office at Microsoft • Adam FitzGerald, VP, Developer Relations at HashiCorp Lightning talks - hear about successes and failures from: • Melissa Evers-Hood - VP, Intel Architecture, Graphics and Software at Intel • Priyanka Sharma - General Manager at CNCF • Chris Kelly - Director, Open Source and Engineering Engagement at Salesforce • Grace Francisco - VP, Global Developer Relations & Education at MongoDB • Anni Lai - Head of Open Source Operations and Marketing, Cloud at Futurewei • Duane O'Brien - Head of Open Source at Indeed.com • Tobie Langel - Principal and founder, UnlockOpen • Satya Singh - Principal Product Manager - Platform & Marketplaces at Expedia • Mark Lavi - DevOps and Automation Solutions Architect at Nutanix • Tamao Nakahara - Head of Developer Experience at Weaveworks • Amr Awadallah - VP, Developer Relations at Google The highlights • On 29-30 Sep & 6-7 Oct. Full agenda at futuredeveloper.io/ • The highest rated industry event with a Net Promoter Score - 94! • Co-hosts: - Jono Bacon - author of “People Powered” - Mary Thengvall - Director of Developer Relations at Camunda • Remote friendly event for the global tech leaders community • Summit offers 2 tracks: Open Source and DevOps • 2 networks to join: Community and Exclusive • Registration is free for all attendees. We do invite you to voluntarily contribute to Black Girls Code • This year’s Summit coincides with SlashData’s 10-year anniversary of developer research. Join us to celebrate together! ▶ Reporters can redeem the Media Pass here. ▶ General Admission is available here. *Senior audience only Exclusive edition - announcement The Future Developer Summit is opening its doors in 2 weeks! Don’t miss a chance to join an outstanding crew of industry thought leaders bringing the best learning experience for Developer Relations, Marketing and Advocacy community members. Exclusive edition on 6-7 October Your Unique Executive Networking Opportunity in a remote-first world Two industry panels How do industry leaders approach contribution to open source? Speakers: • Sam Ramji - Chief Strategy Officer at DataStax • Chris DiBona - Director of Open Source at Google • Nithya Ruff - Executive Director, OSPO at Comcast • Stormy Peters - Director of Open Source Programs Office at Microsoft The diversity of DevOps approaches and how customers are adopting it? Speakers: • Kelsey Hightower - Staff Developer Advocate, Google Cloud Platform at Google • Greg Wilson - Director of Cloud Developer Relations at Google • Nicole Forsgren - VP, Research and Strategy at GitHub • TBA very soon! Two fireside chats with: • Jono Bacon - author of “People Powered” • Kathy Kam - Head of Open Source & Developer Advocacy at Facebook Two Master Classes Using practical examples, and a lot of data as usual, we will be demonstrating how you can increase your DevRel ROI by taking data-backed decisions and what are the key reasons for using data in your decision making process. Availability is limited → Secure Your Executive Seat

Read More

ENTERPRISE SECURITY

CyberRes Completes Acquisition of Debricked to Further Expand Software Supply Chain Security

CyberRes | March 15, 2022

CyberRes, a Micro Focus line of business, today announced the acquisition of Debricked, a developer-centric open source intelligence company aimed at innovating how organizations secure their software supply chain for today and the future. The addition of the cloud-native software composition analysis platform and AI/ML capabilities further drive CyberRes' strategy in the future of software resilience and DevSecOps. These aligned capabilities, combined with their vision of how developers evaluate, consume, and secure open-source components customized to their organization's need, make Debricked an extremely valuable addition to CyberRes' application security portfolio. "Nearly 90 percent of companies are developing software using open source components to accelerate their development speed to keep pace with business demands, which comes with accelerated risk," said Tony de la Lama, VP Product Management. "Our aim is to invest in and build solutions that allow organizations to secure their applications while maintaining the speed of development. Debricked is uniquely positioned in the market with their portfolio of solutions to address open source security and adds to an already robust portfolio in CyberRes to secure the software supply chain." Debricked's SaaS solution enables more intelligent selection of open source while drastically reducing the risks typically associated with it, both core requirements of modern DevSecOps programs. The service runs on state-of-the-art machine learning which enables the data quality to be extremely accurate as well as instantly updated whenever a new vulnerability is discovered. High precision, combined with developer focused UX and unique abilities to customize the service to your company's needs, makes Debricked unique in the world of open source security and positioned for accelerated growth. "We are excited at becoming a part of Micro Focus and CyberRes. Combining our team with such an industry-leading organization enables us to accelerate Debricked's journey toward our vision of making it easier for companies to use open source securely. We are also excited at the opportunity to present our customers with a full scale, robust security offering." Debricked CEO and co-founder Daniel Wisenhoff Key attributes of Debricked technologies include: Open Source Intelligence: With their latest innovation, Open Source Select, Debricked aims to make searching and comparing open source packages faster. By providing an in-depth analysis of the community health and offering contextualization, developers can make much more informed decisions. Security Vulnerabilities: Continuously and automatically identify, fix and prevent vulnerabilities in open source dependencies. Scan at every commit and get notified when new vulnerabilities appear. License Compliance: Ensure and maintain open source compliance with automated and enforceable pipeline rules, along with enabling creation of software bill of materials (SBOMs). Calculate risk levels for your repositories based on intended use. CyberRes is aimed at building the most complete portfolio that helps enterprises prepare for, respond to, and recover from cyber threats. With this acquisition, Micro Focus continues to show strong commitment and continued investment to Security and the ability to help customers and partners improve their cyber resilience posture. This additional investment includes a series of acquisitions made over the last two years, which strengthen our robust portfolio of security solutions, all focused on delivering business and technical outcomes to support cyber resilience. The latest example of how these investments come together is the recent launch of Galaxy, an immersive cyber threat experience built for CISOs and analysts. About CyberRes CyberRes is a Micro Focus line of business. We bring the expertise of one of the world's largest security portfolios to help our customers navigate the changing threat landscape by building both cyber and business resiliency within their teams and organizations. CyberRes is part of a larger set of digital transformation solutions that fight adverse conditions so businesses can continue to run today, keep the lights on, and transform to grow and take advantage of tomorrow's opportunities.

Read More

DATA SECURITY

Wipro to Acquire Edgile to Strengthen its Leadership in Strategic Cybersecurity Services

Edgile | December 24, 2021

Wipro Limited, a leading global information technology, consulting and business process services company, today announced it has signed an agreement to acquire Austin, Texas headquartered Edgile, a transformational cybersecurity consulting provider that focuses on risk and compliance, information and cloud security, and digital identity. Edgile is recognized by security and risk leaders for its unique business-aligned cybersecurity capability, deep understanding of the changing regulatory environment and enabling cloud transformations that help secure the modern enterprise. In addition, the company’s “strategy-first” approach and “Quick Start” solutions will allow the combined entity to deliver enhanced value in strategic cybersecurity services. Together, Wipro and Edgile will develop Wipro CyberTransform™, an integrated suite that will help enterprises enhance boardroom governance of cybersecurity risk, invest in robust cyber strategies, and reap the value of practical security in action. In collaboration with an extensive roster of alliance partners from Wipro and Edgile, Wipro CyberTransform™ will enable organizations to accelerate their digital transformation and operate in virtual, digital supply chains all in a highly secure manner. “Adding Edgile’s strategic consulting capabilities and launching Wipro CyberTransform™ are significant milestones on our journey to becoming the trusted partner to security leaders and boardroom stakeholders. I see the team blending very well with Wipro’s CyberSecurists to deliver transformational cybersecurity on a global scale.” Tony Buffomante, Senior Vice President & Global Head – Cybersecurity & Risk Services, Wipro Don Elledge, Chief Executive Officer, Edgile, said, “We are immensely thrilled to join Wipro, a company we admire for its values and deep technology capabilities. Our collective full spectrum of cybersecurity risk consulting and security management capabilities will help our global customers to continue to securely embrace their digital transformation journey and sustain their on-going risk management priorities.” Earlier this year, Wipro strengthened its cybersecurity business by acquiring Ampion, a leading provider of cybersecurity services in Australia, and the cybersecurity practice at Capco, a leading consultancy in the BFSI sector in Europe and the US. Additionally, through its Wipro Ventures arm, the company continues to invest in innovative cybersecurity start-ups, demonstrating the firm’s strong commitment towards providing industry leading cybersecurity solutions across sectors and regions. Abry Partners, a minority private equity investor in Edgile, will fully exit its investment in Edgile as a result of this transaction. Piper Sandler acted as financial advisor to Edgile and Stone Key Partners LLC acted as financial advisor to Wipro for the transaction. About Wipro Limited Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO) is a leading global information technology, consulting and business process services company. We harness the power of cognitive computing, hyper-automation, robotics, cloud, analytics and emerging technologies to help our clients adapt to the digital world and make them successful. A company recognized globally for its comprehensive portfolio of services, strong commitment to sustainability and good corporate citizenship, we have over 220,000 dedicated employees serving clients across six continents. Together, we discover ideas and connect the dots to build a better and a bold new future. About Edgile Edgile is the trusted leader in cybersecurity transformation and risk services partnering with the world’s leading organizations, including 31% of the Fortune 100 and 20% of the Fortune 500. Our strategy-first model optimizes today’s enterprise journey to the cloud and modernizes identity and security programs through a risk lens and expert compliance knowledge. We secure the modern enterprise by transforming risk into opportunity with solutions that increase business agility and create a competitive advantage for our clients.

Read More

Spotlight

Cyber defense requires exceedingly complex, analyst-intensive systems that must operate under constant siege. Improvements necessitate a solution approach that accounts for architecture, people, and processes.

Resources