Phishers are spoofing email addresses belonging to US-CERT, an arm of the Department of Homeland Security that coordinates information sharing related to cyber threats, to trick users into installing malware. According to an alert Tuesday, a campaign is currently underway that targets a number of private and government organizations. The messages contain a .zip attachment, "US-CERT Operation Center Report," which is actually a malicious executable file. The alert recommends that recipients immediately delete the socially engineered emails.
Breach disclosures from T-Mobile and PayPal, SSRF in Azure services, Google Threat Horizons report, integer overflows and more, Rust in Chromium, ML for web scanning, Top 10 web hacking techniques of 2022
Despite multiple high-impact vulnerabilities and repeated warnings from Microsoft, government agencies and news media, there are likely hundreds of thousands of internet-connected servers (at least) running older, exposed versions of Exchange today.
Artificial intelligence poses a pretty scary threat to information security overall, but application-security testers should find AI to be extremely useful for finding flaws and weeding out false positives.