Cybersecurity Weekly: Wells Fargo phish, Oxford server hack, Cisco Webex flaw

Infosec_SamInfosec_Sam Admin Posts: 527 Admin

A new Wells Fargo phishing campaign baits customers with calendar invites. A hijacked Oxford server was used by hackers for Office 365 phishing. A new Cisco Webex Meetings flaw lets attackers steal auth tokens. All this, and more, in this week’s edition of Cybersecurity Weekly.

 

1. Wells Fargo phishing baits customers with calendar invites

Wells Fargo customers are being targeted by a phishing campaign impersonating the Wells Fargo security team and luring potential victims to phishing pages with the help of calendar invites. The phishing messages have targeted over 15,000 Wells Fargo customers using .ics calendar file attachments.
Read more »

 

2. Hijacked Oxford server used by hackers for Office 365 phishing

Hackers hijacked an Oxford email server to deliver malicious emails as part of a phishing campaign designed to harvest Microsoft Office 365 credentials. The threat actors' attacks had everything needed to bypass their victims' security email filters and trick the victims themselves into handing over their Office 365 credentials.
Read more »

 

3. New Cisco Webex Meetings flaw lets attackers steal auth tokens

A new vulnerability in the Cisco Webex Meetings client could allow local authenticated attackers to gain access to sensitive information including usernames, authentication tokens and meeting information. The stolen account can be thus leveraged as part of future attacks or immediately view and edit meetings or download recordings.
Read more »

For more cybersecurity news stories like these, check out the blog »

Looking for certification prep and technical skills development content? Visit our website to check out Infosec Skills! The platform has 70 learning paths, 600 courses and 150 virtual labs where you can try out new skills in a sandboxed environment. Try it free for 30 days with promo code: infoseccommunity

Try Infosec Skills »

Community Manager at Infosec!
Who we are | What we do
Sign In or Register to comment.