Vlog - Security Snark

This week's episode covers Pfizer impersonations, home internet router vulnerabilities, industrial control system security flaws, and employee phishing training research.

Phishers Now Impersonate Pfizer to Target Victims

Cyware

Attack Type:

What To Know:  Cybercriminals are impersonating Pfizer to fool their victims.

Why You Should Care:  Unscrupulous criminals will always take advantage of a crisis or current events to make a few bucks.

Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs

The Hacker News

Attack Type: 

What To Know:  New flaws are constantly being found in home Internet routers.

Why You Should Care:  If you have an unpatched router, it can be used to attack other Internet-connected systems

Critical flaws in myPRO HMI/SCADA product could allow takeover vulnerable systems

Security Affairs

Attack Type: 

What To Know:  The computers which run factories, power plants, and many other things are vulnerable to attack.

Why You Should Care:  Disruption or destruction of these systems could cause supply chain problems, utility disruptions, and many other problems that affect the daily lives of ordinary people.

Research: Simulated Phishing Tests Make Organizations Less Secure

Security Week

Attack Type: 

What To Know:  Phishing training might not be as effective as we think it is.  Some people will always fall for phishing emails, no matter how much training they receive.

Why You Should Care:  Every dollar spent on cybersecurity is pure overhead for most organizations.  It’s critical to make sure this money is spent wisely.