Cybersecurity Weekly: Zoom-themed phish, Joker malware resurgence, Citrix flaws
A new Office 365 phishing scam uses fake Zoom suspension alerts. Joker malware apps bypass Google’s security to spread via Play Store again. Citrix issues critical patches for 11 new flaws. All this, and more, in this week’s edition of Cybersecurity Weekly.
1. Office 365 phishing scam uses fake Zoom suspension alerts
Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended. So far, the phishing campaign impersonating automated Zoom account suspension alerts has landed in over 50,000 mailboxes.
Read more »
2. Joker malware apps bypass Google’s security to spread via Play Store again
Last week, cybersecurity researchers found another trick to bypass Google’s Play Store protections. The new strategy aims to obfuscate the malicious DEX executable inside the application as Base64-encoded strings, which are then decoded and loaded on the compromised device.
Read more »
3. Citrix issues critical patches for 11 new flaws
Last week, Citrix issued new security patches for as many as 11 security flaws that affect its Citrix Application Delivery Controller, Gateway and SD-WAN WAN Optimization edition networking products. Successful exploitation of these critical flaws could let unauthenticated attackers perform code injection and information disclosure.
Read more »
For more cybersecurity news stories like these, check out the blog »
Looking for certification prep and technical skills development content? Visit our website to check out Infosec Skills! The platform has 70 learning paths, 600 courses and 150 virtual labs where you can try out new skills in a sandboxed environment. Try it free for 30 days with promo code: infoseccommunity