Afternoon Dessert - 2022-08-15

Welcome to another Afternoon Dessert breakout:

Callback phishing attacks see massive 625% growth since Q1 2021
Phishing is constantly evolving to bypass user training and email protections, and as threat actors adopt new tactics with better success ratios, quarterly stats reflect interesting threat trends on multiple fronts. [...]
Read more....

Windows KB5012170 Secure Boot DBX update may fail with 0x800f0922 error
Users may see a 0x800f0922 error when trying to install security update KB5012170 on the currently supported Windows operating system for consumers and the enterprise-class Server version. [...]
Read more....

Russian hackers target Ukraine with default Word template hijacker
Threat analysts monitoring cyberattacks on Ukraine report that the operations of the notorious Russian state-backed hacking group 'Gamaredon' continue to heavily target the war-torn country. [...]
Read more....

Zoom for Mac patches get-root bug – update now!
There's many a slip 'twixt the cup and the lip. Or at least between the TOC and the TOU...
Read more....

Credential Theft Is (Still) A Top Attack Method
Credential theft is clearly still a problem. Even after years of warnings, changing password requirements, and multiple forms of authentication, password stealing remains a top attack method used by cyber criminals. The latest report from the Ponemon Institute shares that 54% of security incidents were caused by credential theft, followed by ransomware and DDoS attacks. 59% of organizations
Read more....

Microsoft disrupts Russian hackers' operation on NATO targets
The Microsoft Threat Intelligence Center (MSTIC) has disrupted a hacking and social engineering operation linked to a Russian threat actor tracked as SEABORGIUM that targets propland organizations in NATO countries. [...]
Read more....