Office 365 will let admins review Microsoft Forms phishing attempts
www.bleepingcomputer.com/news/security/office-365-will-let-admins-review-microsoft-forms-phishing-attempts/ Microsoft is working on adding a new Microsoft Forms phishing attempt review feature that will allow Office 365 admins to confirm and block forms that try to maliciously harvest sensitive data.
Winning hacker team pockets $744, 500 at the Tianfu Cup, China’s top hacking contest
www.zdnet.com/article/windows-10-ios-chrome-and-many-others-fall-at-chinas-top-hacking-contest Many of today’s top software programs have been hacked using new and never-before-seen exploits at this year’s edition of the Tianfu Cup China’s largest and most prestigious hacking competition.
Many websites will stop working on older Android versions in 2021
www.androidpolice.com/2020/11/07/many-websites-will-stop-working-on-older-android-versions-in-2021 It took a long time, but most of the web now uses HTTPS to securely transmit information, partially thanks to a push by Google. However, this does mean that many websites could encounter issues (or fail to load entirely) if the proper certificates aren’t installed on your device, which is exactly what will happen to older Android devices next year. Lisäksi:
Cryptojacking Targeting WebLogic TCP/7001
isc.sans.edu/diary/rss/26768 This past week got some interesting logs targeting TCP/7001 (WebLogic CVE-2020-14882 – see previous diary) looking to download and launch a shell script to install various cryptominer on the target. The shell script target SELINUX compatible hosts likely CentOS/RedHat, Ubuntu, etc to install various cryptominer applications.