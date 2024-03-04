Security and Windows TCO Leftovers
Bleeping Computer ☛ Hackers target FCC, crypto firms in advanced Okta phishing attacks
A new phishing kit named CryptoChameleon is being used to target Federal Communications Commission (FCC) employees, using specially crafted single sign-on (SSO) pages for Okta that appear remarkably similar to the originals.
The same campaign also targets users and employees of cryptocurrency platforms, such as Binance, Coinbase, Kraken, and Gemini, using phishing pages that impersonate Okta, Gmail, iCloud, Outlook, Twitter, Yahoo, and AOL.
Windows TCO
Security Week ☛ Georgia’s Largest County Is Still Repairing Damage From January Cyberattack
Pitts said county officials are still working to restore phone service and online systems still down more than a month later, though all county offices have reopened and resumed serving residents to at least some degree.
Security Week ☛ Critical Infrastructure Organizations Warned of Phobos Ransomware Attacks
US government agencies on Thursday warned organizations of ongoing Phobos ransomware attacks targeting government, education, emergency services, healthcare, and other critical infrastructure sectors.
Active since May 2019, Phobos operates under the ransomware-as-a-service (RaaS) business model and has successfully extorted several millions of dollars from victim organizations, CISA, the FBI, and MS-ISAC say in a joint advisory.
Integrity/Availability/Authenticity
Bryce Wray ☛ Ente Auth for TOTPs
Having written multiple times about TOTPs and the apps people use to keep track of them, I’ve found myself mainly advising different choices based on one’s device and/or operating system. Then, while reading the Hacker News thread about the Ente photos management apps and service, I learned that Ente also makes Ente Auth, a completely free service with open-source apps for Android, iOS, and iPadOS (the latter works as a Catalyst app on Apple Silicon Macs, too) — as well as a web-based version which any browser can access. Ente is also working on native apps for the desktop, although the OSs aren’t currently specified.
