Afternoon Dessert - 2022-11-14

Welcome to another Afternoon Dessert breakout:

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders
Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat (APT). Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the actor's long-running campaign can be split into two based on the toolset deployed to attack its victims
Read more....

Windows Kerberos authentication breaks after November updates
Microsoft is investigating a new known issue causing enterprise domain controllers to experience Kerberos sign-in failures and other authentication problems after installing cumulative updates released during this month's Patch Tuesday. [...]
Read more....

Dangerous SIM-swap lockscreen bypass – update Android now!
A bit like leaving the front door keys under the doormat...
Read more....

Microsoft fixes Windows DirectAccess connectivity issues
Microsoft has resolved a known issue causing connectivity problems for Windows customers using the DirectAccess service to access their organizations remotely without using a virtual private network (VPN). [...]
Read more....

42,000 sites used to trap users in brand impersonation scheme
A malicious for-profit group named 'Fangxiao' has created a massive network of over 42,000 web domains that impersonate well-known brands to redirect users to sites promoting adware apps, dating sites, or 'free' giveaways. [...]
Read more....

NICE Webinar: Optimizing Your LinkedIn Profile for Your Cybersecurity Career
Speakers: Danielle Santos Manager of Communications and Operations and Lead for International Engagement National Initiative for Cybersecurity Education (Moderator) Michele Stark Federal Account Director LinkedIn Talent Solutions LinkedIn Nick
Read more....

“Gucci Master” business email scammer Hushpuppi gets 11 years
Learn how to protect yourself from big-money tricksters like the Hushpuppis of the world...
Read more....

Whoosh confirms data breach after hackers sell 7.2M user records
The Russian scooter-sharing service Whoosh has confirmed a data breach after hackers started to sell a database containing the details of 7.2 million customers on a hacking forum. [...]
Read more....