AI Tax Scams, DNS Misconfigs & Fortinet Exploits

A new wave of cybersecurity threats is emerging from "Dangling DNS" attacks, where hackers seize control of organization subdomains through misconfigured DNS records.

This vulnerability underscores the necessity for vigilant DNS management within companies. Key highlights include:

• Subdomain Takeovers: Occur when unused DNS entries point to expired services, allowing attackers to register abandoned subdomains.
• Cloud Resource Risks: Attackers can gain control of deleted cloud resources, like AWS S3 buckets, if DNS entries remain unchanged.
• Severe Implications: Aside from website defacement, attackers could inject malicious code into software updates and cloud templates, risking everything from resource hijacking to remote code execution.

Recent findings reveal that over 1,250 subdomain takeover risks were identified due to decommissioned cloud resources.

Organizations must adopt stringent security practices, with proactive monitoring and DNS updates, to guard against these sophisticated attacks. As the cyber landscape shifts, robust DNS management becomes a crucial line of defense.
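
One way to audit for the stale entries described above, as an added example that is not part of the original post: compare the CNAME records in a zone export against an inventory of cloud resources the organization still owns, following CNAME chains inside the zone. The suffix list, function names, sample zone, and inventory are assumptions constructed for illustration.

```python
# Assumed, non-exhaustive suffixes of cloud-hosted endpoints to audit.
CLOUD_SUFFIXES = (".s3.amazonaws.com", ".azurewebsites.net", ".cloudfront.net")


def parse_cnames(zone_text):
    """Map owner -> target for 'name [ttl] [IN] CNAME target' lines."""
    cnames = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop zone-file comments
        types = [f.upper() for f in fields]
        if "CNAME" in types[1:-1]:
            target = fields[types.index("CNAME", 1) + 1]
            cnames[fields[0].rstrip(".").lower()] = target.rstrip(".").lower()
    return cnames


def final_target(name, cnames):
    """Follow CNAME chains inside the zone, stopping if a loop is found."""
    seen = set()
    while name in cnames and name not in seen:
        seen.add(name)
        name = cnames[name]
    return name


def find_dangling(zone_text, inventory):
    """Return sorted (owner, target) pairs whose cloud target is not owned."""
    cnames = parse_cnames(zone_text)
    owned = {host.rstrip(".").lower() for host in inventory}
    findings = []
    for owner in cnames:
        target = final_target(owner, cnames)
        if target.endswith(CLOUD_SUFFIXES) and target not in owned:
            findings.append((owner, target))
    return sorted(findings)


# Constructed sample data; every name below is a placeholder.
SAMPLE_ZONE = """\
www.example.com.    300 IN CNAME site-prod.azurewebsites.net.
assets.example.com. 300 IN CNAME example-assets.s3.amazonaws.com.
cdn.example.com.    300 IN CNAME assets.example.com.  ; chain inside the zone
promo.example.com.  300 IN CNAME promo-2023.s3.amazonaws.com.
mail.example.com.   300 IN A     192.0.2.10
"""
SAMPLE_INVENTORY = {"site-prod.azurewebsites.net", "example-assets.s3.amazonaws.com"}

if __name__ == "__main__":
    for owner, target in find_dangling(SAMPLE_ZONE, SAMPLE_INVENTORY):
        print(f"DANGLING {owner} -> {target}")
```

Comparing against an inventory rather than a live lookup matters because some provider hostnames resolve whether or not the underlying resource still exists.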

Cybersecurity researchers have uncovered a troubling trend: the emergence of malware targeting Android and iOS users through fake apps like SpyNote, BadBazaar, and MOONSHINE.

These malicious tools are particularly dangerous as they disguise themselves as legitimate applications, tricking users into their installation. Key highlights include:

• SpyNote, a notorious remote access trojan, exploits device permissions to steal sensitive data, such as SMS, contacts, and location.
• BadBazaar has been linked to state-sponsored attacks on Uyghur and Tibetan communities.
• MOONSHINE malware is being used for long-term surveillance by a group called Earth Minotaur.

As malware becomes increasingly sophisticated, the risk of widespread attacks grows, especially for vulnerable populations. Stay vigilant and informed to safeguard your digital life against these evolving threats!

Fortinet has raised alarms that cyber attackers still maintain read-only access to FortiGate devices even after patches have been applied.

This security mishap stems from a clever exploitation of a symlink vulnerability linked to the SSL-VPN. Here are the key takeaways:

• Attackers have crafted a symbolic link enabling access to the file system, allowing them to retain visibility of device configurations.
• Notable vulnerabilities associated with this exploit include CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762.
• Affected users are encouraged to update to specified FortiOS versions and review their configurations.
• Security advisories have been issued by CISA and CERT-FR, urging users to reset credentials and possibly disable SSL-VPN features.

As cyber threats evolve, the growing speed of exploitation outpaces organizations' patching efforts, raising significant concerns for cybersecurity resilience across critical infrastructure.

As tax season peaks, cybercriminals are unleashing a wave of AI-powered scams, making it critical for businesses to bolster their defenses.

Experts are witnessing alarming trends in cyberattacks that leverage generative AI and deepfake technologies, targeting not only consumers but organizations as well.

Key highlights include:
• Scammers impersonate trusted tax platforms and professionals, complicating detection.
• Over 600 incidents of GenAI-inspired fraud were recorded in 2024 alone.
• Tactics include voice phishing (vishing) and reviving trusted domains to fool victims.
• Many scams exploit psychological pressure during tax season for higher success rates.

The convergence of AI and social engineering means these deceptive tactics are likely to persist beyond the tax deadline.

Security experts advise businesses to implement robust multi-factor authentication and validate suspicious communications to protect sensitive financial information.

As the battle against cyber threats evolves, organizations must remain vigilant and proactive.