SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Internet Stormcast Feb 6th 2025: com- prefix domain phishing; Win 10 ESU pricing; Firefox CT Policy; Veeam and Netgear patches
5 snips
Feb 6, 2025 Learn how scammers are exploiting com- prefix domains to launch convincing phishing attacks, targeting victims with toll fee scams. Microsoft updates pricing for Windows 10 Extended Security Updates, setting a fee for continued protection. Mozilla pushes for better internet security by enforcing certificate transparency measures. Additionally, discover serious vulnerabilities in Veeam's backup process and Netgear's WiFi routers, highlighting the need for rapid updates in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
Smishing Customization
- Toll scammers customize smishing messages with local details like SunPass for Florida residents.
- This increases the likelihood of victims falling for the scam.
Detect Toll Phishing
- Monitor DNS lookups and HTTP requests for domains starting with "com-".
- This helps detect users who may have fallen for toll fee phishing scams.
Windows 10 ESU Pricing
- Microsoft's extended security updates for Windows 10 will cost $61 per machine for the first year.
- Consider upgrading to Windows 11 as a cost-effective alternative.