InfoSec News Nuggets 5/6/2024

NSA warns of North Korean hackers exploiting weak DMARC email policies The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks. Together with the U.S. State Department, the two agencies cautioned that the attackers abuse misconfigured DMARC policies to send spoofed emails which appear to come from credible sources such as journalists, academics, and other experts in East…
Read More

InfoSec News Nuggets 10/09/2023

Cisco releases urgent patch for flaw that could let hackers access Emergency Response Systems  Cisco Emergency Responder (CER), the company’s emergency communication system used to respond to crises in a timely manner, had hardcoded credentials, allowing hackers with knowledge of this fact easy access to the systems. The news was confirmed by the company itself, which recently released a new patch to address the problem. The vulnerability is tracked as CVE-2023-20101 and comes with a…
Read More