At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim’s network.
This allows the threat actors to deploy highly-targeted attacks that are more difficult to detect and stop because of the social engineering component.
Get wrekt, spammers. Security researcher Troy Hunt has created a hilariously devious ‘password purgatory’ for people invading his inbox.
Whether it’s John Wick or The Count of Monte Cristo, we all love a good revenge story. Right now, my current favorite is a wholesome nerdy tale told by Troy Hunt.
You likely already know Hunt as the force behind Have I Been Pwned, an invaluable security resource for us normies on the internet. The website tells you if your email address or phone number has been found in data breaches, and if you’re so inclined, lets you register for notifications should your info become exposed later on.
But he also documents his various side projects. His latest: Dishing a little return pain to spammers for stealing time from him. The punishment involves sending them to what he calls “password purgatory.”
“Hello, we’ve been trying to reach you about your car’s extended warranty.” After years of seemingly unstoppable scam robocalls, this phrase is embedded into the minds of many of us. Last month the Federal Communications Commission (FCC) announced it was ordering phone providers to block any calls coming from a known car warranty robocall scam, offering hope that U.S. phone users may hear that all-too-familiar automated voice a little less often.
But there is more work required to crack down on these calls. After all, car warranty warnings are only one type of scam. To understand how robocallers reach us, and why it’s so hard to stop them, Scientific American spoke with Adam Doupé, a cybersecurity expert at Arizona State University.
[An edited transcript of the interview follows.].
North Korean hackers have been attacking individuals and organizations from the US, Europe, and South Korea to uphold Pyongyang’s interests.
Twitter has confirmed a recent data breach was caused by a now-patched zero-day vulnerability used to link email addresses and phone numbers to users’ accounts, allowing a threat actor to compile a list of 5.4 million user account profiles.
Last month, BleepingComputer spoke to a threat actor who said that they were able to create a list of 5.4 million Twitter account profiles using a vulnerability on the social media site.
This vulnerability allowed anyone to submit an email address or phone number, verify if it was associated with a Twitter account, and retrieve the associated account ID. The threat actor then used this ID to scrape the public information for the account.
Security researchers at Zscaler’s ThreatLabz group have discovered a new strain of a large-scale phishing campaign, which uses an adversary-in-the-middle (AiTM) attack technique capable of bypassing multi-factor authentication (MFA).
For the unversed, AiTM attack is a cyberattack where the attacker secretly conveys and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties. Hackers through this method can use the stolen cookies to log in and completely evade MFA.
The main purpose of the large-scale phishing campaign is believed to be breaching of corporate accounts to conduct BEC (business email compromise) attacks, which redirects payments toward the hacker’s bank account using forged documents, as reported by BleepingComputer.
Meanwhile, Taiwan’s Presidential Palace said cyberattack traffic on its website spiked by 200 times hours before Nancy Pelosi’s arrival in Taipei.
Bill Gates-founded Breakthrough Energy Ventures co-led a $44 million funding round for a startup that aims to accelerate solar far construction.
* At Long Last, Mathematical Proof That Black Holes Are Stable * Who Gets to Work in the Digital Economy? * Mice produce rat sperm with technique that could help conservation.
* Quantum computer can simulate infinitely many chaotic particles * Radar / AI & ML: Scaling False Peaks * Cyber security for the human world | George Loukas | TEDx.
* Can Airbnb Outperform a Potential Recession? | WSJ * San Diego joins other cities in restricting cops’ use of surveillance technology * Blue Origin launches crew of 6 to suborbital space, nails landings.
Threat actors are increasingly mimicking legitimate applications like Skype, Adobe Reader, and VLC Player as a means to abuse trust relationships and increase the likelihood of a successful social engineering attack.
Other most impersonated legitimate apps by icon include 7-Zip, TeamViewer, CCleaner, Microsoft Edge, Steam, Zoom, and WhatsApp, an analysis from VirusTotal has revealed.
“One of the simplest social engineering tricks we’ve seen involves making a malware sample seem a legitimate program,” VirusTotal said in a Tuesday report. “The icon of these programs is a critical feature used to convince victims that these programs are legitimate.”
Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control (C2) center for their malicious operations.
The Dark Utilities service provides threat actors a platform that supports Windows, Linux, and Python-based payloads, and eliminates the effort associated with implementing a C2 communication channel.
A C2 server is how adversaries control their malware in the wild, sending out commands, configurations and new payloads, and receiving data collected from compromised systems.
