TWINN #104 Hackers using Teams to control your computer
Digital transformation is mostly complete for organizations that have survived and thrived over the last three years. Remote communication tools were key, including Microsoft Teams for many. This means that such tools necessarily need to be permitted through our firewalls and security gateways. But what happens if the threats are delivered and executed using such permitted tools?
The 5 Top Cyber Security Stories Of The Week – December 26, 2022
GIFShell attack creates reverse shell using Microsoft Teams GIFs. The video demonstration in this article should alarm anyone using Teams without the protection of DTTS (Don’t Talk To Strangers). A reverse shell gives a remote attacker full control of your computer.
GuLoader Malware Utilizing New Techniques to Evade Security Software. What happens when we continually add defenses to our endpoints? Threat actors and criminals persistently innovate to evade security software right at the endpoint, as we can see here. This is another reminder that relying on endpoint security alone has not been, and is not, sufficient.
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent. While cookie privacy laws of the EU have been an overall make-work project for no benefit in the first place, the truth is that third-party ad blocking should be a standard anyway. The takeaway is that security gateway-based third-party ad blocking, complemented with in-browser extensions like uBlock Origin, prevents such ads (and their cookies) from landing on our computers in the first place.
LastPass says hackers stole customers’ password vaults. While password managers are overwhelmingly a good thing, and the strength of your master password is key here, no LastPass user I know is comfortable with the idea that our vault could be in the hands of the enemy, with only our master password as the barrier to the entire vault. The saving grace here is that any of your accounts that have MFA enabled will make it much harder for thieves to use the stolen passwords. In any case, change your passwords stored in LastPass.
Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation. While we’re observing a focus on the energy industry, the risk is present across the operational networks of all critical infrastructure. Zero Trust will play a key role in protecting all such networks.
Did you know?
The Opal C1 4k Webcam is now available. I’ve been using one for a week, and my microphone experience was not good. Still, the camera functions, real-time filters, and overlays are quite impressive with true depth segmentation, so blurring the background does not pixelate as with Zoom’s and Teams’ built-in features.
The video version will begin again next week. Happy new year!