
20K WordPress Sites Exposed by Insecure Plugin REST-API

Quick Bit: The WordPress WP HTML Mail plugin for personalized emails is vulnerable to code injection and phishing due to XSS.






Phishing impersonates shipping giant Maersk to push STRRAT malware

Quick Bit: A new phishing campaign using fake shipping delivery lures installs the STRRAT remote access trojan on unsuspecting victims’ devices.

Full Story:


Fortinet discovered the new campaign after spotting phishing emails impersonating Maersk Shipping, a giant in the global shipping industry, and using seemingly legitimate email addresses.

If the recipient opens the attached document, the macro code that runs fetches the STRRAT malware onto their machine, a powerful remote access trojan that can steal information and even fake ransomware attacks.

Impersonating Maersk shipping emails

As seen in the header information of the phishing emails, the messages are routed through recently registered domains that increase the risk of being flagged by email security solutions.

The email claims to be information about a shipment, changes in delivery dates, or notices regarding a fictitious purchase and includes an Excel attachment or links to one that pretends to be the related invoice.

Example phishing email used in campaign
Source: Fortinet

In some cases, Fortinet’s analysts sampled emails that carried ZIP files that contained the STRRAT malware, so no intermediate dropper in the form of a document was used.

The actors have obfuscated the contained packages by using the Allatori tool to evade detection from security products.

The STRRAT infection begins by decrypting the configuration file, copying the malware into a new directory, and adding new Windows registry entries for persistence.

Function responsible for writing new Registry entries
Source: Fortinet

The STRRAT threat

STRRAT malware first gathers basic information on the host system like the architecture and any anti-virus tools running on it and checks local storage and network capability.

In terms of its functionality, STRRAT can perform the following:

Log user keystrokes
Facilitate remote control operation
Grab passwords from web browsers like Chrome, Firefox, and Microsoft Edge
Steal passwords from email clients like Outlook, Thunderbird, and Foxmail
Run a pseudo-ransomware module to simulate an infection

This last part is interesting because no files are encrypted in the fake ransomware attack. As such, it’s most likely used to divert the victim’s attention away from the real problem, which is the exfiltration of data.

However, considering that this module essentially blows the cover of STRRAT, its presence and deployment is somewhat contradictory.

The pseudo-ransomware module
Source: Fortinet

Finally, the malware’s communication method isn’t very well optimized for stealthiness either.

“Examining that traffic in Wireshark shows STRRAT being exceptionally noisy. This is likely due to the C2 channel being offline at the time of the investigation,” explains Fortinet’s report.

“In its effort to obtain further instructions, the sample attempts to communicate over port 1780 and 1788 at one-second intervals, if not more in some instances.”
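
As an added example (not from Fortinet's report or the original article), the sketch below turns the retry pattern in the quote into a flow-log detection. Only ports 1780 and 1788 and the roughly one-second cadence come from the text; the log format, addresses, and thresholds are assumptions constructed for illustration.

```python
"""Added example: flag hosts that retry ports 1780/1788 about once a second."""
from collections import defaultdict
from statistics import median

# Ports and cadence come from the Fortinet quote; everything else is assumed.
STRRAT_PORTS = frozenset({1780, 1788})


def build_sample_log():
    """Return CONSTRUCTED flow records: 'epoch_seconds src dst dst_port'."""
    lines = ["# constructed sample data, documentation-range addresses"]
    # Host retrying both ports once a second (the pattern in the quote).
    for i in range(12):
        port = 1780 if i % 2 == 0 else 1788
        lines.append(f"{1000 + i:.1f} 10.0.0.23 203.0.113.50 {port}")
    # Two isolated connections to a watched port: too few to call a beacon.
    lines.append("1000.0 10.0.0.40 198.51.100.7 1780")
    lines.append("1300.0 10.0.0.40 198.51.100.7 1780")
    # Fast, regular traffic on an unrelated port.
    for i in range(12):
        lines.append(f"{1000 + i:.1f} 10.0.0.51 198.51.100.9 443")
    # Watched port, enough attempts, but only one per minute.
    for i in range(10):
        lines.append(f"{1000 + 60 * i:.1f} 10.0.0.60 198.51.100.7 1788")
    return "\n".join(lines)


def parse_flows(text):
    """Parse the assumed four-column format into (ts, src, dst, port) tuples."""
    flows = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        if len(parts) != 4:
            raise ValueError(f"line {lineno}: expected 4 fields, got {len(parts)}")
        ts, src, dst, port = parts
        flows.append((float(ts), src, dst, int(port)))
    return flows


def find_beacons(flows, ports=STRRAT_PORTS, max_gap=1.5, min_attempts=10):
    """Return source/destination pairs that hit the watched ports at a
    median interval of max_gap seconds or less, at least min_attempts times.
    The thresholds are illustrative defaults, not values from the report."""
    by_pair = defaultdict(list)
    for ts, src, dst, port in flows:
        if port in ports:
            by_pair[(src, dst)].append((ts, port))

    findings = []
    for (src, dst), events in sorted(by_pair.items()):
        if len(events) < min_attempts:
            continue
        times = sorted(ts for ts, _ in events)
        gaps = [later - earlier for earlier, later in zip(times, times[1:])]
        median_gap = median(gaps)
        if median_gap <= max_gap:
            findings.append({
                "src": src,
                "dst": dst,
                "attempts": len(events),
                "ports": sorted({port for _, port in events}),
                "median_gap": median_gap,
            })
    return findings


if __name__ == "__main__":
    for hit in find_beacons(parse_flows(build_sample_log())):
        print(f"{hit['src']} -> {hit['dst']} ports={hit['ports']} "
              f"attempts={hit['attempts']} median_gap={hit['median_gap']:.1f}s")
```

Using the median gap keeps a single long pause (a sleeping laptop, a dropped capture) from hiding an otherwise regular retry loop.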

C2 addresses spotted in the campaign
Source: Fortinet

Trojans like STRRAT often go ignored for being less sophisticated and more randomly deployed. However, this phishing campaign demonstrates that lesser threats in circulation can still deliver damaging blows to companies.

The phishing emails used in this campaign blend very homogeneously with day-to-day corporate communications in companies that deal with shipments and transportation, so it only takes a tired or careless employee for the damage to be done.





McAfee Bug Can Be Exploited to Gain Windows SYSTEM Privileges

Quick Bit: McAfee has patched two high-severity bugs in its Agent component, one of which can allow attackers to achieve arbitrary code execution with SYSTEM privileges.

Full Story:


McAfee has patched two high-severity vulnerabilities in a component of its McAfee Enterprise product that attackers can use to escalate privileges, including up to SYSTEM.

According to McAfee’s bulletin, the bugs are in versions prior to 5.7.5 of McAfee Agent, which is used in McAfee Endpoint Security, among other McAfee products.

The Agent is the piece of McAfee ePolicy Orchestrator (McAfee ePO) that downloads and enforces policies and executes client-side tasks such as deployment and updating.

The McAfee Agent is also the component that uploads events and provides additional data regarding each system’s status. Periodically collecting and sending event information to the McAfee ePO server, the Agent – which also installs and updates endpoint products – is a required install on any network system that needs to be managed.

OpenSSL Component Bug Can Lead to SYSTEM Privileges

One of the flaws in the Agent – tracked as CVE-2022-0166 and given a CVSS base criticality rating of 7.8 – was discovered by Will Dormann of the Carnegie Mellon University’s CERT Coordination Center (CERT/CC).

On Thursday, CERT/CC published an advisory that said that the vulnerability is found in an OpenSSL component in Agent that specifies an OPENSSLDIR variable as a subdirectory that “[may] be controllable by an unprivileged user on Windows.”

According to the advisory, McAfee Agent “contains a privileged service that uses this OpenSSL component. A user who can place a specially crafted openssl.cnf file at an appropriate path may be able to achieve arbitrary code execution with SYSTEM privileges.”

Dormann found that an unprivileged user could exploit the bug to place a specially crafted openssl.cnf in a location used by McAfee Agent and thus potentially be able to execute arbitrary code with SYSTEM privileges on a Windows system that has the vulnerable McAfee Agent software installed.

When Dormann referred to an openssl.cnf, he was talking about an OpenSSL configuration file: a file that provides SSL defaults for items such as certificate files locations, and site details such as those entered during installation.

Arbitrary Shell Code

The second bug in the Agent – tracked as CVE-2021-31854 and given a CVSS criticality rating of 7.7 – can be exploited by a local user to inject arbitrary shell code into a file, McAfee said in its advisory. “An attacker can exploit the security hole to obtain a reverse shell that allows them to gain root privileges,” according to the company.

The vulnerability, which is still pending analysis by its discoverer – Russell Wells from Cyberlinx Security – is a command-injection vulnerability in McAfee Agent for Windows prior to 5.7.5. McAfee said that it allows local users to inject arbitrary shell code into the file cleanup.exe.

“The malicious clean.exe file is placed into the relevant folder and executed by running the McAfee Agent deployment feature located in the System Tree,” according to McAfee. “An attacker may exploit the vulnerability to obtain a reverse shell which can lead to privilege escalation to obtain root privileges.”

Wells told Security Week that exploiting this bug requires access to the McAfee ePO host, as in, the underlying Windows host, not the application itself.

Elevated Access Lets Threat Actors Run Amok

Exploiting privilege-escalation bugs lets threat actors paw at resources that should normally be locked safely away. Attackers can use those elevated privileges to steal confidential data, run administrative commands, read files from the file system and deploy malware, as well as to potentially evade detection during attacks.

This isn’t the first time that privilege-escalation bugs have turned up in McAfee’s Agent. A few months ago, in September, the security firm patched one such bug (CVE-2020-7315) that was discovered by Tenable security researcher Clément Notin.

That earlier bug involved DLL injection in McAfee Agent that could have allowed a local administrator to kill or tamper with the antivirus, without knowing the McAfee password.





Toast Game In a Rut? Time to Try This Mushroom Toast With Arugula & Lemon

File this under “toast with benefits.”


Originally found on Camille Styles




Hunter Biden Invested in Chinese Company Tied to Senior Chinese Communist Party Officials: Emails

Quick Bit: Hunter Biden, the second son of U.S. President Joe Biden, once held a stake in a Chinese company …

Full Story:

Hunter Biden, the second son of U.S. President Joe Biden, once held a stake in a Chinese company with ties to senior party officials of the Chinese regime, according to emails recently obtained by Fox Business.

According to a March 2017 email sent to him from his business associate Eric Schwerin, Hunter’s private equity firm, Rosemont Seneca Thornton, invested in China-based Harves Century Group—including a 5 percent stake in Harves Amusement Parks and ownership in Harves Sports and Entertainment. It is unclear if Hunter still has any investment in the group.

The Harves Century Group is based in Shenyang, the capital of northeastern China’s Liaoning Province, and it has a U.S. affiliate named Harves based in Washington, D.C. Harves describes itself on its website as a company that provides “unique experiences that merge sports, entertainment, art, food, music, and fashion,” and it is a partner of both the NBA and British soccer club Manchester United.

According to Fox, the Harves Century Group is backed by state-owned China Development Bank. The Group’s website names Shao Jinglan as its chairwoman.

The group’s ties to the Chinese Communist Party (CCP) were exposed in another email obtained by Fox. The email shows that Shao is the mother of Zhang Bo and Zhang’s father-in-law is Liu Cigui, who was the governor of China’s Hainan Province from 2015 to 2017 and the province’s party secretary from 2017 to 2020.

Liu Cigui had a long political career in China starting in the 1980s, holding different party positions in southern China’s Fujian Province. From 2012 to 2017, he was also a member of the Chinese regime’s Central Committee, which is tasked with choosing CCP members to sit on the 25-member Politburo, the most powerful decision-making body in China.

Currently, Liu Cigui is one of the vice directors of the Foreign Affairs Committee at China’s rubber-stamp legislature, the National People’s Congress.

The second email was sent to Hunter in 2015 from Francis Person, who was a former aide to Joe Biden when the latter was a senator and U.S. vice president. In 2016, Person lost the House race to then-incumbent Rep. Mick Mulvaney (R-S.C.).

According to LinkedIn, Person was president of Harves from 2015 to 2018, during which he “helped guide the formation of the Harves [Century] Group headquartered in Washington, D.C.” He is now the chief executive officer of Harves Global Entertainment.

As for Zhang, he has been chairman and the chief executive officer of Harves since February 2014, and he describes the company as a “family business,” according to LinkedIn.

Zhang’s connection to the Chinese regime was also evident in a 2013 Foreign Agents Registration Act (FARA) filing (pdf), which was first reported by Fox. The filing named Zhang as a “foreign principal” for his relationship with Liu Guoqiang, who was at that time vice chairman of the Liaoning Provincial Committee of the Chinese People’s Political Consultative Conference (CPPCC), a political advisory body.

Liu Guoqiang had a long political career in his home province of Liaoning before his retirement in 2017. He was vice governor of the province from 2001 to 2013. In July 2020, he was put under party investigation for corruption, and he was subsequently expelled from the Party in January 2021.

On Jan. 17, China’s state-run media reported that Liu Guoqiang took over 350 million yuan (about $55 million) in bribery from 2006 to 2020.

Other emails show that Person and Zhang met with Hunter and Schwerin in Washington “on multiple occasions,” Fox wrote. In a 2016 email, Hunter called Zhang a “good friend and business colleague.”

A 2016 email that Fox obtained included Schwerin telling Zhang about the NBA’s expansion in China.

“If Liaoning can get one of these stadiums that would be a big help in your efforts to get more NBA related content in Liaoning,” the email said, according to Fox.

In November 2020, NBA China, a separate business arm of the NBA, and Harves issued a joint press release (pdf) announcing their partnership to develop NBA-themed entertainment centers in China.

“As part of the partnership, Harves, plans to open six NBA-themed entertainment centers across China, with the first opening by 2022,” the release states.

According to Chinese media, the first center is set to open in Suzhou, a city located near Shanghai.

Hunter Biden’s business dealings have long been under scrutiny. In September 2020, a Senate report found that he began developing associations with Chinese nationals beginning in at least 2009, the year he co-founded Rosemont Seneca Partners.

According to the report, these financial connections “accelerated while his father was vice president and continued after he left office.”

Hunter Biden’s attorney Chris Clark and Harves did not immediately respond to a request for comment.

Originally found on Epoch Times.




Join Us At NRA’s Great American Outdoor Show

Quick Bit: The 2022 Great American Outdoor Show is coming to the Pennsylvania Farm Show Complex in Harrisburg, Pa., soon.


Originally found on NRA




Big Brothers Big Sisters of the Sun Coast Celebrates National Mentoring Month

Big Brother of the Year John Barringer enjoys spending time with his Little Brother Lamar

Venice, FL (January 21, 2022) – Longstanding studies show long-term, one-to-one, staff-supported volunteer mentoring works. As we mark National Mentoring Month this January, Big Brothers Big Sisters of the Sun Coast is honoring all who make up their successful community –parents, volunteers, staff, and donors who work together to make a mentoring match strong, enduring, and successful.

Behind every successful mentoring match is a team of selfless, dedicated believers. Of course, there is the volunteer who makes time in their schedule to commit to helping a child reach their full potential. There is the parent or guardian, most often a single mom or grandmother who courageously seeks support to give her child every opportunity to succeed.  Then there is the staff person, a professional who uses facts from interviews, references, experience, and intuition to match the right child and family with the right volunteer.  And behind every relationship are the donors, whose financial resources make it possible for our mentors, mentees, and parents to get the ongoing support, guidance, and resources that help them establish and maintain the kind of dialogue, communication, and understanding that are behind Big Brothers Big Sisters’ successful long-term one-to-one mentoring relationships.

This month, we honor our volunteers for being Defenders of Potential. We thank our parents and guardians for their trust and commitment to their children. We pay tribute to our staff, and we show gratitude to our donors.

“When I first volunteered to be a Big Brother, I did not know what to expect and I did not have any experience in this area.   It was over 5 years ago I met Lamar and one thing that stands out to me is the fact I volunteered to help a child in need, I never expected the positive impact it has had on my life. I feel so grateful every time Lamar’s Mom says that I am a blessing to them, well it works both ways.  I truly feel blessed and grateful to have them in my life, they have become family to me and I have enjoyed watching Lamar mature over the past 5 years. I have every intention for this to be a lifelong connection,” said Big Brother of the Year, John Barringer.

“John has changed my life in a lot of ways; he’s done so much for me that it’s hard to put into words. John is an actual Big Brother to me, not just because that’s what he’s called because he’s my Big Brother with Big Brothers Big Sisters, but because he IS my family and my real-life Big Brother. He has been there since I was 6 years old and has challenged me to accomplish my goals. I have never had a father figure, so having John in my life has made me happy. Because of John, I have someone to do boy stuff with, hang out with, and talk to about anything. John has changed my life for the better, and I can’t imagine my life without him in it,” said Little Brother Lamar.

You too, can change a life and inspire potential in our youth. For more information or to become a Big, please call 855-501-BIGS (2447).

For over 50 years, Big Brothers Big Sisters of the Sun Coast has been matching youth in meaningful, enduring, professionally supported mentoring relationships with adult volunteers who defend their potential and help them achieve their biggest possible futures. Big Brothers Big Sisters’ evidence-based approach is designed to create positive youth outcomes, including educational success, avoidance of risky behaviors, higher aspirations, greater confidence, and improved relationships. This past year, Big Brothers Big Sisters of the Sun Coast has served over 1,500 youth across a 10 county footprint. Learn how to get involved at bbbssun.org.




Relevant and Extended Detection with SecureX, Part Three: Behaviour-Based Detections with Secure Network Analytics

Quick Bit: Discover how to leverage Secure Network Analytics to deploy Behaviour-Based Detections, making them more relevant and actionable with Cisco SecureX.

Full Story:

In part one of this Relevant and Extended Detection with SecureX series, we introduced the notion of risk-based extended detection with Cisco SecureX – the idea that a user can prioritise detections into incidents based on their idea of what constitutes risk in their environments and then extend those detections with enrichments from other products. In subsequent posts we are diving deeper into different Cisco Secure detection technologies and how their respective detections can be prioritised, promoted to SecureX as incidents and extended. In this post we will look at detections from Cisco Secure Network Analytics to uncover what exactly a network behaviour-based detection is, what makes them relevant and important, when/how to promote them to SecureX as incidents, and how to leverage and extend the detections in SecureX.

What Makes a Network Behaviour Detection?

If you’ve attended BRKSEC-3014 at any Cisco Live in the past, you’ll know this is one of my favourite topics: behavioural observations describe that a specific behaviour was observed and as such are a statement of fact – ex. “This host has been observed to have High Traffic.” The usual language in security operations – True Positive, False Positive, True Negative, False Negative – can’t be used to accurately classify a behavioural observation (by definition, everything is a true positive) and we must approach them with a slightly different mindset than we would a content derived detection.

A behaviour analytic product, like Cisco Secure Network Analytics, collects data, analyses it and, when the conditions for a given algorithm or behavioural model are met, generates a detection. I tend to separate the detections generated into two buckets:

1. Observation of a known behavioural condition

An algorithm watches for a known behaviour pattern and alarms when the conditions are met. A very simple example is communication to a known command and control server; a more complex example is a host downloading a large amount of data.

2. An anomaly observation

A definition of normal is established, and when the conditions for a deviation from that normal are met an alarm is generated. This event is harder to classify: oftentimes the model of normal is built from some of the same behaviour conditions described above and alarms on a deviation, for example “a host is downloading an abnormal amount of data.”

The thing that makes operationalising behaviour observations tricky is that the detections themselves do not capture intent: you often must overlay intent using the language of the business and its relevance to the behavioural observation. For example “the PCI server just uploaded a lot of data to an external server” is very different than “10.10.10.10 just uploaded a lot of data to 128.107.78.10.” Just identifying a behaviour doesn’t necessarily mean it was a bad behaviour and just identifying an anomaly doesn’t necessarily mean that it is an insidious threat. There’s a lot of weird out there, and some of it means nothing.


The process of choosing which observations and alarms are some of the most valuable and actionable is beyond the scope of this blog series, however, several tools and techniques have been documented over the years and different methodologies developed to show how to best operationalise behavioural observations from Cisco Secure Network Analytics. If you haven’t already, and you’re interested in understanding the analytics engine, I would suggest viewing past recordings of BRKSEC-3014 and the Phased Approach to Tuning is always worth a read.

Creating an Incident from a Secure Networks Analytics Observation

One approach that brings the context of the business into the generation of alarms is the Tiered Alarm approach, which also lends itself perfectly to the promotion of incidents into SecureX threat response. In the tiered alarm approach to tuning alarms, active alarms in Secure Network Analytics are configured into three tiers:

Severity Critical – Well-tuned, well-understood, typically low volume and highly actionable
Severity Major – of interest and are tuned, observed, and documented
Severity Minor – Mostly informational; not necessarily actionable on their own, but useful for context

When using the Tiered Alarm approach, after deciding which alarms are the most important to your security operations center, you set their severity to critical, and these are the ones that you build a response playbook around. It also happens that Cisco Secure Network Analytics uses the severity setting as the criterion for promotion of alarms to Cisco SecureX threat response as incidents. In order to automatically promote an alarm to SecureX threat response, simply set its criteria to critical and, in the Response Management configuration for the built-in rule Priority A: Severity Critical, enable the built-in Create Threat Response Incident action. If you want to also promote the High Severity detections as incidents, you can do the same with the built-in Priority B: Severity High rule.

Once promoted into SecureX threat response as an incident, you can begin to extend the incident using the features of threat response and the incident manager as discussed in Part one. For example, in the below figure, we can see the occurrence of the alarm CSE: Employees to Bottling Line, and we are examining the observables in the incident.

Clicking Investigate Incident will launch an investigation, extending the incident with relevant information about those observables by querying the APIs of integrated products to find what those products know about the observables. The investigation of the above incident results in the below figure where we can see additional context. Of interest here is that there are multiple different incidents from Secure Network Analytics associated with the IP Address involved (bottom left of the figure). We are also able to observe the target endpoint involved has the hostname w7-darrin (top left of the graph).

You might notice the groupings of 8 IPs, 4 IPs and 27 IPs – when it comes to data from Secure Network Analytics every edge in the graph is a behaviour observation (Security Event in Secure Network Analytics nomenclature – these are observations that are being made but not necessarily alarms).

Leveraging this knowledge about how SecureX threat response displays data from Secure Network Analytics, we’re going to return to the incident from Part Two; the automatically created and enriched, high severity incident involving the host w7-darrin. Opening the snapshot of the incident and adding the IP Address 10.90.90.201 results in the view below.

At this point we’ve significantly extended the incident to include data not only from the original incident but more completely brought in data from Secure Network Analytics. What started as a High Impact incident, largely driven by endpoint severity settings (in this case the use of tor.exe) led to a picture with greater context of a host that is using banned software (tor.exe), actively cryptomining and for some unknown reason violating network security policy by connecting over RDP to the production bottling line. The volume of infractions shown in one screen is quite incriminating.

One of the great advantages of Secure Network Analytics is the wealth of network data it holds – a record of every conversation on the network – and while that can be a lot of data and you don’t always know what you’re looking for, the Security Events (or behaviour observations) generated by Secure Network Analytics help to tell you where to look. When combined with a High Impact detection from Secure Endpoint what might have been overlooked behaviour observations suddenly become much more relevant, allowing the operator to shorten that OODA loop and make decisions and take actions quicker and with greater efficiency.

In this post we’ve reviewed some concepts behind what makes a behaviour detection, why they’re valuable, how to leverage Cisco SecureX to automatically extend the detection, and how to use the behaviour observations to enrich and extend incidents from other detection products. In the next post in this series, we will continue this effort of extended detection with the automatic promotion and triaging of behaviour detections from Cisco Secure Cloud Analytics into Cisco SecureX.

Interested in seeing Cisco Secure Network Analytics and the SecureX Incident Manager in action? Activate your SecureX account now.





Are We in a Housing Bubble? Homebuyers Say Yes, Redfin Expert Says No

Historically fast home-price growth has homebuyers and sellers worried the market has become detached from reality. But Redfin’s chief economist says rising mortgage rates and buyers who can afford their homes are preventing a bubble.

Originally on Realtor.com




Toast Game In a Rut? Time to Try This Mushroom Toast With Arugula & Lemon

It wouldn’t be an exaggeration to say: I’m a toast fanatic. For breakfast or a late-night snack, for me toast is the definition of comfort food, not to mention the ideal vehicle for all kinds of delicious toppings. And while it’s hard to stray from the world’s most perfect flavor combination, I’ve been mixing up my toast game lately with this delicious mushroom toast with arugula–and it’s so worth it. This makes a perfect plant-based, protein-packed breakfast or lunch for any day of the week, especially since it includes nutrient-dense mushrooms to create a flavorful meal that comes together in no time.

This mushroom toast with arugula and lemon is a great way to easily include mushrooms’ nutrients in your diet all while bringing flavor and ease to your weekly routine. It’s one of those minimal effort, maximum yield recipes that I think we could all use more of. It takes just 10 minutes to sauté the veggies and you can build from there. Pro tip: if you’re joining us for our Plant Based RE:SET, make two batches of the mushrooms when you make your mushroom and black bean tacos. It’ll make for quick work of this toast, and then you can celebrate the fact that you’re not only eating a nutrition-packed plant-based meal, but also one that’s incredibly satisfying.


Health Benefits of Mushrooms

Whether they’re elevating a slice of pizza, a pasta dish, or a plate of tacos, it seems like mushrooms are all that anyone’s talking about right now. While these aren’t of the hallucinogenic variety, they almost feel like “magic mushrooms” in their own right: mushrooms are the hosts of a variety of nutrients that nutritionists have linked to bone strength, brain function, and anti-aging. Various types have been touted for boosting immunity, fighting cancer, packing in major doses of vitamins and minerals, and containing high amounts of antioxidants.

According to Whole Foods’ trend forecast, functional mushrooms should be on your radar, with varieties like reishi, chaga, cordyceps, and lion’s mane getting street cred as wellness ingredients in dietary supplements and coffee, tea, snack bars, and broth.


Healthy Swaps for This Mushroom and Arugula Toast

This mushroom and arugula toast is already super healthy, but I know that many of you guys are gluten-free. Thankfully you can easily nix the gluten in this recipe by simply swapping in your favorite gluten-free bread (we’ve got all our faves listed here.)

To make this recipe dairy-free, simply grab a carton of vegan ricotta next time you’re at Whole Foods, or skip the ricotta altogether! Since the mushroom mixture is kind of saucy on its own, you’ll still end up with a great flavor combo that’s not dry at all.

Twists On Toast, aka My Other Favorite Toast Combos

Toast is ripe for disruption, and one of my favorite things about it is that I can mix it up depending on my mood and what’s in my fridge. Here are some of my other favorite healthy toast combos that are perfect for breakfast, lunch, or dinner (yes, sometimes I crave toast for dinner, too):

Sunday Night Avocado Toast with a Jammy Egg: it’s quite simply my favorite meal when I’m running low on groceries.

Tuna Toast with Oven-Roasted Tomatoes: People got really riled up when I called this “niçoise,” and I’ll admit: that was probably a stretch. However don’t let that deter you from making this incredibly delicious flavor combo on toast.

Sweet Potato Toast 3 Ways: Another way to nix the bread if you’re going grain-free or just want to pack some extra veg in your diet. So good!

Sautéed Carrot & Hummus Toast: Never would I have guessed how addictive this flavor combo would be, but Suruchi really brought the toast inspo with this one.

Burrata Toast with Caramelized Walnuts and Mint-Pomegranate Pesto: Don’t let the fancy name fool you: this one’s easy enough to whip up on a weeknight but jaw-dropping enough to be your go-to dinner party appetizer.


Tips for Doubling This Mushroom and Arugula Toast

Like most toast, this is an easy one: you can double the ingredients and throw them together super quick for a crowd. I even recommend making a double batch of mushrooms when you make our Mushroom & Black Bean Tacos during the Plant-Based RE:SET, since your mushroom mixture will be ready to rewarm and pop onto your ricotta toast even in the midst of a busy day.

My one pro tip is to sauté the mushrooms in two batches. When cooking mushrooms, it’s important not to overcrowd the pan. You want each mushroom to come into direct contact with the pan and get that crispy sizzle, rather than crowding together and “steaming.” So, I allocate a little more time for this step: after sautéing the first batch, I transfer to a plate while the second batch cooks, then I add them all back to the pan together to stay warm until it’s time to serve.


How to store leftovers

Mushroom Toast with Arugula makes a great leftover lunch. Just store the mushroom mixture in an airtight container in the fridge; then, when you’re ready to eat, toast your bread and pile the leftover sautéed mushrooms on sourdough toast slathered with creamy ricotta.

Scroll on for the recipe, which is part of our Plant-Based RE:SET, a new 5-day meal plan that launched today! Packed with delicious breakfast, lunch, and dinner recipes, this is a week’s worth of meals that’ll leave you feeling lighter, brighter, and energized. Sign up here! 

Originally found on Camille Styles