Here is yet another email attachment, examined by Xme, at SANS Internet Storm and for you to look out for: XLSB Files: Because Binary is Stealthier Than XML – Sans Internet Storm Centre For phishing attacks to succeed the hackers need to exploit your trust – for them to fail …
A question I am often asked…
I am frequently asked what I think of DropBox or other method for organisations to share files across the internet with other organisations, often after I have been speaking about Microsoft 365, OneDrive and SharePoint. Possibly after I have mentioned that these services that have, authentication, authorisation and accountability (AAA) …
Be very careful when you log-in online – things may not be what they seem
This browser-in-the-browser (BitB) is a technique for deceiving the user into thinking they are using a legitimate online login screen, such as when you log in to Microsoft 365 or Google Workspace. This browser-in-the-browser attack is perfect for phishing • The Register Behold, a password phishing site that can trick …
Continue reading “Be very careful when you log-in online – things may not be what they seem”
Now we have “ice phishing” on the shiny new web3
What is ice phishing? Here is what Microsoft has to say about it: ” ‘ice phishing’… …doesn’t involve stealing one’s private keys. Rather, it entails tricking a user into signing a transaction that delegates approval of the user’s tokens to the attacker. This is a common type of transaction that enables …
Continue reading “Now we have “ice phishing” on the shiny new web3″
Microsoft to block downloaded Office macros – at last
Soon Microsoft Office will, by default, block macros from running that originate from the internet. At last! Helping users stay safe: Blocking internet macros by default in Office – Microsoft Tech Community This has been something that Microsoft has dragged it’s feet over for years. It was an open door …
Continue reading “Microsoft to block downloaded Office macros – at last”
