
Ongoing Reassessment of Your Security Program

The need to continually reassess our security program cannot be over-emphasized. Recently, a total of 226 possible security flaws were discovered in nine well-known Wi-Fi routers as part of a study conducted by IoT Inspector security experts and editors from the German IT magazine CHIP.

With 32 security weaknesses detected in the TP-Link Archer AX6000 router, it was determined to be the most susceptible. A total of 30 issues were reported for the Synology RT-2600ac. It was followed by the Netgear Nighthawk AX12, which had 29 issues, and the D-Link DIR-X5460, which had 26 issues.

The Asus ROG Rapture GT-AX11000 was found to have 25 security flaws and the Edimax BR-6473AX 21. The Linksys Velop MR9600 had 20 flaws, while the AVM FritzBox 7530 AX had 18 flaws as reported. According to the study, millions of people are expected to be affected.

The vulnerabilities were discovered using IoT Inspector’s security platform, which only identifies issues such as the existence of outdated software, password hashes, or obsolete services on a susceptible router. There were also instances of false positives.

According to IoT Inspector’s statement, every manufacturer was notified of the discoveries and has already rectified or is attempting to rectify the concerns that were discovered.

Furthermore, we need to practice basic security steps such as changing passwords, making sure our devices are getting automatic updates, and deactivating any unnecessary network functions to keep our devices safe online.

Be Cyber Alert…


With Rogue OAuth Apps, Hackers are Gaining Access to CEO Accounts

Threat experts have discovered a new campaign known as ‘OiVaVoii,’ which targets company executives and general managers with malicious OAuth apps and unique phishing lures issued from compromised Office 365 accounts.

According to Proofpoint, the campaign is still running, though Microsoft is keeping an eye on it and has already stopped the majority of the apps.

OAuth is a standard for token-based authentication and authorization; it eliminates the need for passwords.

OAuth apps require certain permissions, such as file read/write, calendar and email access, and authorization to send email.

This system’s goal is to promote usability and convenience while ensuring strong security in trusted contexts.

The threat actors first compromise an account in a legitimate Office 365 tenant. They then use the apps to issue permission requests to high-ranking executives. In many cases, the recipients accepted the request without hesitation.

When victims click Accept, the threat actors utilize the token to send emails to other employees of the same company.

Executives whose accounts have already been compromised remain a risk to the affected firms.

Organizations that may have been hacked need to revoke the permissions, delete the apps, remove any fraudulent mailbox rules, and scan for any dropped data.

Employees should also be taught to be suspicious of communications from higher-ups within the company, especially if those messages differ from the norm.
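To support the permission review described above, the following Python script is an added example (not from the original article, Proofpoint or Microsoft) that ranks consent grants so the riskiest are revoked first. It assumes grants exported in the shape of Microsoft Graph oauth2PermissionGrant objects; the app and user IDs, the approved-app and executive lists, and the scoring weights are constructed for illustration.

```python
import json

# Delegated Microsoft Graph scopes matching the permission types named above:
# file read/write, calendar access, mail access and mail send.
RISKY_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send", "MailboxSettings.ReadWrite",
    "Files.ReadWrite", "Files.ReadWrite.All", "Calendars.Read", "Calendars.ReadWrite",
}

# Constructed sample data shaped like oauth2PermissionGrant objects
# (clientId, consentType, principalId, scope). All IDs are placeholders.
SAMPLE_GRANTS = json.loads("""[
 {"clientId": "app-upgrade-tool", "consentType": "Principal",
  "principalId": "user-ceo", "scope": "offline_access Mail.Read Mail.Send MailboxSettings.ReadWrite"},
 {"clientId": "app-upgrade-tool", "consentType": "Principal",
  "principalId": "user-cfo", "scope": "offline_access Mail.Read Mail.Send"},
 {"clientId": "app-room-booking", "consentType": "AllPrincipals",
  "principalId": null, "scope": "User.Read Calendars.Read"},
 {"clientId": "app-sso-portal", "consentType": "Principal",
  "principalId": "user-ceo", "scope": "openid profile User.Read"}
]""")

# Hypothetical inputs: apps the security team has vetted, and accounts to watch.
APPROVED_APPS = {"app-room-booking", "app-sso-portal"}
EXECUTIVES = {"user-ceo", "user-cfo"}

def review_grants(grants, approved=APPROVED_APPS, executives=EXECUTIVES):
    """Return findings for unapproved apps holding risky scopes, highest score first."""
    findings = []
    for g in grants:
        scopes = set(g["scope"].split())
        risky = sorted(scopes & RISKY_SCOPES)
        if not risky or g["clientId"] in approved:
            continue
        # Illustrative weights. Mail.Send lets the app send mail as the user.
        score = len(risky) + (5 if "Mail.Send" in risky else 0)
        # A per-user grant means the executive accepted the request personally.
        if g["consentType"] == "Principal" and g["principalId"] in executives:
            score += 5
        # offline_access yields refresh tokens, so access outlives the session.
        if "offline_access" in scopes:
            score += 2
        findings.append({"app": g["clientId"], "user": g["principalId"],
                         "risky_scopes": risky, "score": score})
    return sorted(findings, key=lambda f: -f["score"])

if __name__ == "__main__":
    for f in review_grants(SAMPLE_GRANTS):
        print(f"{f['score']:>2}  {f['app']}  user={f['user']}  {', '.join(f['risky_scopes'])}")
```

Revoking a grant does not remove mailbox rules the app already created, so the rule cleanup listed above is still needed for every flagged user.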

…Be Cyber Alert


Phishing Kits That Bypass Multi-factor Authentication are Becoming Increasingly Popular.

To gain unauthorized access to a network, threat actors are constantly on the lookout for vulnerabilities. In their current phishing campaigns, they have adapted their techniques to bypass multi-factor authentication (MFA), which has become increasingly popular.

The notion of multi-factor authentication (MFA) was first proposed in the form of RSA tokens in the year 1986. Since then, it has gained significant acceptance in both the commercial and consumer worlds.

According to research released by Duo, an authentication solutions provider, over 78 percent of respondents indicated that they have implemented 2FA/MFA authentication in 2021, up from only 28 percent in 2017.

As multi-factor authentication (MFA) continues to gain wider acceptance, phishing kits designed to circumvent this trusted layer of security are becoming increasingly popular among cybercriminals.

Three phishing kits, in particular, have been identified by Proofpoint researchers as having seen an increase in usage recently: Modlishka, Muraena/Necrobrowser, and Evilginx2.

To circumvent multi-factor authentication, criminals will use new strategies like these MitM phishing attempts, which are becoming increasingly common as more firms layer their protection.

Finally, organizations need to evolve rapidly as threat trends develop in unexpected ways and take unexpected turns. Security programs should also be in place to deal with blind spots like this.

…Be Cyber Alert ⚠️