The NJCCIC has recently identified a campaign using Adversary-in-the-Middle (AiTM) techniques to harvest user credentials for account compromise. Threat actors behind this campaign employ various lures to persuade targets to open the supplied file or click the provided link. Some messages claim to be a final document to review or a proposal based on a [...]

Critical Patches Issued for Microsoft Products Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, threat actors could then install programs, view, change, or delete data, or create new accounts [...]