🪆 Russian intelligence sliding in your DM's

Hi and welcome to another Security weekly. Where we laugh, we cry and share the latest and greatest in security and tech news.

In this week's edition:
🪆 Russian intelligence sliding in your DM's
📰 Bits & Bytes
❓ Disable User explains: GDPR
🔥 meme of the week

Reading time: 02:01

Russian intelligence sliding in your DM's

Before I start this headline, quick poll:

All jokes aside, here I am with yet another story about Microsoft.

Don’t get me wrong, I like Microsoft (mostly). It’s just that these stories are too big to ignore.

This week, Microsoft warns us about Social Engineering through Teams:

TLDR;

• the Threat actor is called Midnight Blizzard (previous NOBELIUM) aka Russian intelligence

• Trick people with fake Microsoft messages.

• They've fooled less than 40 big groups. (government, NGO’s, Tech, …)

• They pretend to be tech support, and operate through MS Teams

So yet another one to look out for.
But this wouldn’t be Disable User if we didn’t have some tips for your everyday Microsoft Teams use:

• Unexpected messages - Be wary of unexpected chat requests or messages, especially from unknown external users.

• Link caution - Avoid clicking on any links or downloading files from unfamiliar contacts.

• Check User Profiles - If someone claims to be from a known organization, compare their profile details to official company directories or websites.

• Look for 'External' tag - Always notice the 'External' tag on MS Teams when interacting with someone outside of your organization.

• Double-Check requests - If someone asks for sensitive information or to perform specific actions, like entering a code, always double-check with your IT department or team lead before taking any steps.

That’s some free awareness right there baby, for you or the users you’re managing.

On a related note..

Last week I was talking about a hacker who operated through a compromised Microsoft 365 tenant.
Now Microsoft is saying this:

“In this latest activity, the threat actor uses previously compromised Microsoft 365 tenants owned by small businesses to create new domains that appear as technical support entities.”

Sad to see this becoming a trend.

Bits & Bytes

• What is the General Data Protection Regulation (GDPR)? - I’ve never met anyone who found the GDPR interesting, but this article makes it understandable. Cool.

• New acoustic attack steals data from keystrokes with 95% accuracy - where my mechanical keyboard people at?

• PaperCut flaw in print management sw exposes servers to RCE - PaperCut also had some patching to do last week

• DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks - That’s another one for Zyxel. They’re having a hard time recovering from a series of unfortunate events.. (good show btw)

General Data Protection Regulation (GDPR)

European Union law that provides a single, harmonized law covering data security and privacy.

Or if you want to be the least fun guy at the party.

Meme of the week