Latest Phishing Scan is Hiding Behind Custom Fonts
January 07, 2019
Researchers have discovered yet
According to cyber security researchers at Proofpoint, the new phishing method, targeting a major US bank with hopes of obtaining credentials, uses a ‘never-before-seen’ technique that takes advantage of custom fonts to evade detection. Once the phishing link has been accessed, the victim is led to an official ‘looking’ login page for the US bank – but in actual fact, includes encoded display text (even after being copied and pasted into a word file) and is set-up to steal your data.
Code snippet from phishing landing page with encoded display text
Microsoft has officially dropped its 60-day password expiration policy from its security baseline, following May’s Window’s 10 updates.
Microsoft has released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services.
Gain a better understanding of the effectiveness of your cyber security controls in our cyber security validation infographic.