BLOG

Keeping Children Safe Online

Early exposure to technology isn’t just possible; it’s inevitable. The inclusion of technology in classrooms and social pressures from peers create a boiling pot of potential, both good and bad. Conversations about internet safety should happen early and often, and both children and parents should maintain an open dialogue to promote safe internet use. Different … Continue reading Keeping Children Safe Online
Thu, 26 Feb 2026 18:23:16 +0000

Beware of Tax and IRS Phishing Campaigns

As tax season is underway, the NJCCIC has already observed multiple tax and Internal Revenue Service (IRS) phishing campaigns in the past month, utilizing legitimate cloud services to host malicious files and targeting New Jersey State employees. In the above campaign, cyber threat actors send phishing emails disguised as fax messages in Adobe PDF format … Continue reading Beware of Tax and IRS Phishing Campaigns
Thu, 26 Feb 2026 18:20:23 +0000

Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – PATCH: NOW

Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install … Continue reading Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution – PATCH: NOW
Thu, 26 Feb 2026 16:18:54 +0000

Critical Patches Issued for Microsoft Products, February 10, 2026 – PATCH NOW

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution. Successful exploitation of the most severe of these vulnerabilities could result in an attacker gaining the same privileges as the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; … Continue reading Critical Patches Issued for Microsoft Products, February 10, 2026 – PATCH NOW
Thu, 26 Feb 2026 16:17:49 +0000

Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution – PATCH NOW

Multiple vulnerabilities have been discovered in Fortinet products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then … Continue reading Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution – PATCH NOW
Thu, 26 Feb 2026 16:16:51 +0000

Update: Malware Analysis Report BRICKSTORM Backdoor

This Malware Analysis Report (MAR) was originally published on December 4 to share indicators of compromise (IOCs) and detection signatures for BRICKSTORM malware. The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Canadian Centre for Cyber Security (Cyber Centre) updated this MAR to include analysis and detection signatures for a new BRICKSTORM variant … Continue reading Update: Malware Analysis Report BRICKSTORM Backdoor
Thu, 26 Feb 2026 16:15:31 +0000

Robinhood TOAD Campaign

The NJCCIC observed multiple Telephone-Oriented Attack Delivery (TOAD) emails targeting New Jersey State employees. Threat actors use email spoofing to make the email appear to come from the legitimate robinhood[.]com. The email header information reveals the sender’s hostname as v[number][.]megaserve[.]de, a domain used by netcup. This legitimate German web hosting provider assigns default names to … Continue reading Robinhood TOAD Campaign
Thu, 26 Feb 2026 16:14:21 +0000

Unusual Activity Detected

The NJCCIC observed a significant increase in phishing campaigns impersonating security alerts about unusual account activity, including warnings about credential loss and account access. These emails use a subject line of “No Reply” and spoofed addresses, which makes the message appear to be sent from the recipient’s email address. Two links are provided in the … Continue reading Unusual Activity Detected
Thu, 26 Feb 2026 16:12:49 +0000

MS-ISAC CYBERSECURITY ADVISORY – A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution – PATCH: NOW

A vulnerability has been discovered in Dell RecoverPoint for Virtual Machines which could allow for arbitrary code execution. Dell RecoverPoint for Virtual Machines is an enterprise-grade solution for VMware Virtual Machines (VMs) enabling local, remote, and concurrent local and remote replication with continuous cyber resilience for on premises recovery to any point-in time (PiT). Successful … Continue reading MS-ISAC CYBERSECURITY ADVISORY – A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution – PATCH: NOW
Thu, 26 Feb 2026 16:09:27 +0000

There’s No Pot of Gold at the End of These Lures

The NJCCIC has observed a phishing campaign using multiple lures to capture Google credentials. These emails claim to be hotel reservations, job opportunities, or invitations to digital workspaces, and have subjects such as: Reservation Confirmed Mountain Time Vacation RentalsYou Have Been Granted Access to the CW Digital Marketing Workspace OpportunitySocial Media Manager at Samsung Electronics … Continue reading There’s No Pot of Gold at the End of These Lures
Thu, 26 Feb 2026 16:07:40 +0000

© 2000 Interactive Security Training, LLC - All Rights Reserved.