Afternoon Dessert - 2022-09-14

Welcome to another Afternoon Dessert breakout:

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
The operators behind the Lorenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting on the network perimeter," researchers from cybersecurity firm Arctic Wolf said in a report

US govt sanctions ten Iranians linked to ransomware attacks
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against ten individuals and two entities affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC) for their involvement in ransomware attacks. [...]

Phishing page embeds keylogger to steal passwords as you type
A novel phishing campaign is underway, targeting Greeks with phishing sites that mimic the state's official tax refund platform and steal credentials as they type them. [...]

Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs
Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication (MFA) turned on. [...]

Securing your IoT devices against cyber attacks in 5 steps
How is IoT being used in the enterprise, and how can it be secured? We will demonstrate important security best practices and how a secure password policy is paramount to the security of devices. [...]

CISA orders agencies to patch Windows, iOS bugs used in attacks
CISA added two new vulnerabilities to its list of security bugs exploited in the wild today, including a Windows privilege escalation vulnerability and an arbitrary code execution flaw affecting iPhones and Macs. [...]

New Lenovo BIOS updates fix security bugs in hundreds of models
Chinese computer manufacturer Lenovo has issued a security advisory to warn its clients about several high-severity vulnerabilities impacting a wide range of products in the Desktop, All in One, Notebook, ThinkPad, ThinkServer, and ThinkStation lines. [...]

Gay hookup site typosquatted by 50 domains to push dodgy Chrome extensions
Gay hookup and cruising web app Sniffies is being impersonated by opportunistic threat actors hoping to target the website's users with many typosquatting domains that push scams and dubious Google Chrome extensions. In some cases, these illicit domains launch the Apple Music app prompting users to buy a subscription. [...]

Death of Queen Elizabeth II exploited to steal Microsoft credentials
Threat actors are exploiting the death of Queen Elizabeth II in phishing attacks to lure their targets to malicious sites designed to steal their Microsoft account credentials. [...]