Fakes claim to be CISOs of Fortune 500 firms on LinkedIn
Search engines are indexing LinkedIn profiles at face value and blurring the truth.
This article by Brian Krebs showcases how a large number of fake profiles are being created on LinkedIn.


No one seems to know why, but as always, there is a rumour of North Korean hackers…
Take Action:
There are two things for you to do here.
Set up a process to regularly review the list of employees associated with your LinkedIn page. If you are a large firm where this is practically impossible, check the profiles of the top brass.
If you find an impersonator representing your company, reach out to LinkedIn to disassociate that person from your firm. It appears to be quite manual and difficult at the moment. This is what LinkedIn’s help page says.
Microsoft patches two zero days in Exchange Server
If you were on the fence about moving to cloud-based mail, this should push you over.
Whoa! Wait. Stop. Read the image. It’s an Exchange Server vulnerability from 1999. Exchange 5.5 had a buffer overflow vulnerability.
Circa twenty-three years later, MS has two new vulnerabilities - one an SSRF vulnerability and another an RCE.
But now you have options. Self-hosted email does not make sense anymore. You can, and should, move to specialist email providers - Google Workspace and O365 come to mind. Lesser-known services that are slowly gaining popularity, such as IceWarp, show promise.
Take Action:
If you are hosting mail yourself (rolling eyes emoji) and are using MS Exchange, then follow this link to apply mitigations suggested by Microsoft.
After you do that, have a coffee, or something stronger, and write that business case for moving your mail to the cloud.