A phishing campaign exploiting a vulnerability in the Nespresso website has been able to evade detection by taking advantage of security tools that fail to identify malicious nested or hidden links. The campaign begins with a phishing email purportedly sent from a Bank of America employee, urging recipients to "please check your recent [Microsoft] sign-in activity." If a target clicks on the link, they are directed to a legitimate but infected URL controlled by Nespresso.

According to research published on April 23, 2024, by Perception Point, the hijacked Nespresso site triggers no security warnings because the address itself is legitimate. The attackers exploit an open redirect vulnerability in the coffee giant's webpage to deliver a malicious .html file disguised as a Microsoft login page, intending to capture victims' credentials.

Perception Point's team explained that open redirect vulnerabilities occur when attackers can redirect users to an external, untrusted URL through a trusted domain. In this case, the Nespresso URL serves as the trusted domain, allowing attackers to bypass security measures. The attackers rely on the fact that some security vendors inspect only the initial link and so fail to detect the hidden or embedded malicious link it leads to.

This phishing campaign has been launched from various sender domains, but it consistently uses the infected Nespresso URL and the fake Bank of America email. Neither Perception Point nor Nespresso immediately responded to requests for comment on whether the open redirect vulnerability has been addressed.
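The detection gap described above is that a scanner judges the first hop (the trusted domain) and never sees where it lands. The following added example, which is not code from Perception Point, Nespresso or the campaign analysis, shows the two checks a defender's link analyser needs: flagging query parameters that carry an absolute URL to another host (the classic open redirect shape), and following the redirect chain to the final landing host instead of stopping at the first link. All hostnames are constructed placeholders, and the HTTP client is replaced by an injected fetch function so the code runs offline.

```python
from urllib.parse import urlparse, parse_qs, urljoin

# Constructed lure link (placeholder hosts, not the real campaign URL): a trusted
# first hop whose `next` parameter carries the real, off-domain destination.
SAMPLE_LINK = ("https://trusted.example.com/r"
               "?next=https%3A%2F%2Flure.example.net%2Fsignin.html")

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def embedded_external_targets(url):
    """Return (param, host) pairs for query parameters whose value is an
    absolute http(s) URL pointing at a host other than the link's own host."""
    parsed = urlparse(url)
    own_host = parsed.netloc.lower()
    found = []
    for name, values in parse_qs(parsed.query, keep_blank_values=True).items():
        for value in values:
            inner = urlparse(value)
            if inner.scheme in ("http", "https") and inner.netloc \
                    and inner.netloc.lower() != own_host:
                found.append((name, inner.netloc.lower()))
    return found


def resolve_redirect_chain(url, fetch, max_hops=10):
    """Follow HTTP redirects to the final landing page.

    `fetch(url)` must return (status_code, location_header_or_None); injecting it
    keeps the example offline and lets a real client be swapped in later.
    A bounded hop count guards against redirect loops."""
    chain = [url]
    current = url
    for _ in range(max_hops):
        status, location = fetch(current)
        if status not in REDIRECT_STATUSES or not location:
            return chain
        current = urljoin(current, location)  # Location may be relative
        chain.append(current)
    raise RuntimeError("redirect chain exceeded %d hops" % max_hops)


def simulated_fetch(url):
    """Stand-in HTTP client (constructed behaviour): the trusted host's /r
    endpoint reflects its `next` parameter into a Location header, i.e. it is
    an open redirect; every other URL answers 200 with no redirect."""
    parsed = urlparse(url)
    if parsed.netloc == "trusted.example.com" and parsed.path == "/r":
        nxt = parse_qs(parsed.query).get("next", [""])[0]
        if nxt:
            return 302, nxt
    return 200, None


def assess_link(url, fetch=simulated_fetch):
    """Combine both checks. `lands_off_domain` is the signal a first-hop-only
    scanner never produces: the final host differs from the host in the email."""
    chain = resolve_redirect_chain(url, fetch)
    hosts = [urlparse(u).netloc.lower() for u in chain]
    return {
        "chain": chain,
        "final_host": hosts[-1],
        "embedded_targets": embedded_external_targets(url),
        "lands_off_domain": hosts[-1] != hosts[0],
    }


if __name__ == "__main__":
    verdict = assess_link(SAMPLE_LINK)
    print("hops:", " -> ".join(verdict["chain"]))
    print("embedded external targets:", verdict["embedded_targets"])
    print("lands off the trusted domain:", verdict["lands_off_domain"])
```

Note that the static check alone is not sufficient: a redirect endpoint may take an opaque token rather than a URL, in which case only following the chain reveals the landing host, which is why a mail gateway should do both.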