Cybersecurity Headlines

FlowerStorm attacks Microsoft 365, BeyondTrust on KEV, Ascension Health fallout

Dec 23, 2024
A new phishing platform called FlowerStorm is targeting Microsoft 365 users with advanced tactics. BeyondTrust has vulnerabilities added to the Known Exploited Vulnerabilities catalog, raising alarms in cybersecurity. The ransomware attack on Ascension Health has impacted nearly 6 million people, showcasing severe threats in the healthcare sector. Legal measures against cybercriminals are gaining traction as cryptocurrency thefts by North Korean hackers continue to escalate, illustrating the persistent dangers in the world of cybercrime.
INSIGHT

FlowerStorm Phishing Platform

  • FlowerStorm, a new phishing-as-a-service platform, bypasses multi-factor authentication.
  • It targets Microsoft 365 users, primarily in the United States, by intercepting credentials and session cookies.

ADVICE

Mitigating Phishing Attacks

  • Use multi-factor authentication with phishing-resistant tokens like FIDO2.
  • Deploy email and DNS filtering to block suspicious domains and enhance security.

INSIGHT

BeyondTrust Vulnerability

  • CISA added a BeyondTrust vulnerability to its Known Exploited Vulnerabilities catalog.
  • This critical flaw allows unauthenticated attackers to execute commands as site users.