BlackBerry’s comeback appears to be on track and happening now based on current events reported this week. What’s it all about? The following excerpt sheds some light into what Blackberry’s EoT and DNA of security technology strategy is for 2020. It was first published in the Financial Times, October 17, 2018. Learn more
Beware Windows 7 users: Malware campaign targeting IoT devices.
With Windows 7 end of life, important security patches are no longer researched or provided by Microsoft to end users,” Ori Bach, CEO of TrapX Security, told CNET. “This can leave anyone using Windows 7 susceptible to attack, not only by existing malware or attackers, but also by any new campaigns that develop in the future, which will exploit unknown vulnerabilities in Windows 7.
End of Windows 7 support hits industries like manufacturing particularly hard, as it relies on embedded devices running the OS that cannot be updated easily, leaving networks open to attacks like this. The malware in this campaign could cause IoT devices to malfunction, potentially harming workers on the manufacturing floor, disrupting production, and/or leaking sensitive data, according to the report.
To avoid attacks that target Windows 7 on your devices, Microsoft recommends that you either(which you can still do for free), or buy a . But if you’re a Windows 7 mainstay, you should at least follow these to keep your device as safe as possible.
In an interview with ZDNet, Gaschet said that during the past three years, he’s been reporting subdomains with misconfigured DNS records to Microsoft, but the company has either been ignoring reports or silently securing some subdomains, but not all.
Researcher: Only 5%-10% got fixed
Gaschet says he reported 21 msn.com subdomains that were vulnerable to hijacks to Microsoft in 2017, and then another 142 misconfigured microsoft.com subdomains in 2019.
“The root cause/mistake is a forgotten DNS entry pointing to something that doesn’t exist anymore, or never existed, like a typo in the DNS entry content,” Gaschet told ZDNet.
Subdomain hijacks lead to spam on microsoft.com
But until now, these misconfigurations have never caused Microsoft any problems or headaches, despite being an attractive attack surface.
In a hypothetical scenario, an attacker could hijack one of these subdomains and host phishing pages to harvest login credentials for Microsoft employees, business partners or even its end-users.
The scenario is not something that has not been seen before.
Luckily, no dangerous threat groups have noticed this problem.
Sadly, others have.
Today, Gaschet pointed out on Twitter that at least one spam group has figured out they could hijack Microsoft’s subdomains and boost their spammy content by hosting it on a reputable domain.
Gaschet says he spotted ads for Indonesian poker casinos on at least four legitimate Microsoft subdomains. These include portal.ds.microsoft.com, perfect10.microsoft.com, ies.global.microsoft.com, and blog-ambassadors.microsoft.com.