Be Cyber Safe | Issue 210
February 28, 2025
In this issue of Be Cyber Safe
We have all made it to the last day of February. This month has flown by, and it seems like it lasted six months. Here is what’s in this week’s Be Cyber Safe!
- The Unexpected Downfall: How a Wobbly Domino Led to Organizational Ruin
- The Cyber Alert Level – GUARDED
- Windows 11 KB5052093 update released with 33 changes and fixes
- Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
- In Cyber Security Humor – Finding your password.
- Commonwealth Sentinel expands our social media presence
In the next few weeks, we will unveil an exciting opportunity to empower your organization to improve cyber security through training. Look for more information shortly!
Have a great weekend, and #BeCyberSafe!
The Unexpected Downfall: How a Wobbly Domino Led to Organizational Ruin
Have you heard about Okta?
Even if you haven’t, you might still have been affected by the large-scale breach on their systems that rocked the tech community on October 19, 2023. Okta is a third-party service that provides organizations, like your own, for example, with multi-factor authentication, other secure biometric identification, and single sign-on tools.
You can imagine how fast a breach of those services can go badly.
Behind the Breach on Okta
This is how quickly one single, swift lapse in security awareness can trigger a tidal wave of consequences. One Okta employee signed into their personal Google account on their company-issued laptop. Because their professional login credentials were saved to the same Chrome browser, their work accounts were accessible, too.
This case perfectly encapsulates why keeping your work and personal accounts SEPARATE is essential. Personal devices and accounts are notoriously less secure than the ones you use for work. It’s not because you treat one with more care; instead, consider how many defenses you have on your work computer versus your personal laptop.
On February 26, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google Chrome and an advisory on widespread ransomware activities.
Cyber Security News Worth Reading!
FROM BLEEPING COMPUTERS
Windows 11 KB5052093 update released with 33 changes and fixes
Microsoft has released the February 2025 preview cumulative update for Windows 11 24H2, with 33 improvements and fixes for multiple issues, including SSH and File Explorer bugs and the volume jumping to 100% when waking the PC from sleep.
KB5052093 is part of Microsoft’s monthly “optional non-security preview updates” schedule that lets Windows admins test new features, bug fixes, and improvements that will be rolled out to all customers with the March 2025 Patch Tuesday release.
First, the Windows 11 February 2025 preview update (like the one released for Windows 10 systems) resolves a longstanding issue that breaks SSH connections on some PCs after installing the October 2024 cumulative and preview updates.
FROM FROM HACKER NEWS
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand’s legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale.
The latest iteration of the phishing suite “represents a significant shift in criminal capabilities, reducing the barrier to entry for bad actors to target any brand with complex, customizable phishing campaigns,” Netcraft said in a new analysis.
The cybersecurity company said it has detected and blocked more than 95,000 new Darcula phishing domains, nearly 31,000 IP addresses, and taken down more than 20,000 fraudulent websites since it was first exposed in late March 2024.
Cyber Security Humor
