I once worked on an investigation where the company got scammed for 40,000 promotional ink pens to the tune of over five thousand dollars. It was a comedy of errors, but the victim company didn't charge the credit card until the pens were shipped and the two pallets of pens had been delivered by the time the victim card-holder reported the unauthorized charge. The pens were designed to display the name of a restaurant in Louisiana but were delivered to an apparently abandoned warehouse in Arizona. The police in Louisiana interviewed the restaurant owner for me and were sufficiently convinced he knew nothing about the transaction. The owner of the Arizona warehouse could never be located.
I remember lamenting, cheap 10-cent plastic pens, these F'n people will literally scam for anything.
The FBI has released a notice warning that criminals are using Business Email Compromise (BEC) attacks to steal food products and ingredients.
BEC attacks usually top the Internet Crime Complaint Center (IC3) list of financially profitable crimes. The reported 2021 toll was in excess of 2.4 billion dollars. And that is just what was reported to the IC3. It's well documented that most victims don't self-report.
These domestically inclined thieves are not looking to purchase birthday cupcakes either. The schemes documented so far involved "truckloads" of food products carrying price tags in the hundreds of thousands of dollars.
I guess it's a sign of the times, and the current economic environment, when criminals would rather steal food products than cash or cryptocurrency!
https://www.ic3.gov/Media/News/2022/221216.pdf
Sun sets on Atom
Atom was the first text editor that I actually used as a code editor. I’m not a programmer for sure, but occasionally I’ll need to change some Python or YAML code or write a shell script. And I have done plenty of HTML and CSS coding over the years. I have since moved on to VS Code, but Atom has a special place in my heart. Earlier this year, GitHub announced they would be sunsetting the application and provided an end-of-life date of 12/15/2022. The sun has set and the repository is now “read-only”. https://github.com/atom/atom
Pumpers get deflated
The Securities and Exchange Commission (SEC) has charged eight individuals in connection with a stock “pump and dump” scheme they perpetrated through Twitter and Discord. The suspects pretended to be extremely successful traders willing to share their secrets for free. They weren’t, and those who traded based on their suggestions got fleeced. https://www.sec.gov/news/press-release/2022-221
Goodbye SHA-1, you were a good one
For those of us who did peer-to-peer investigations back in the time of Limewire and eDonkey, the SHA-1 hashing algorithm holds a special place in our hearts. This week, the National Institute of Standards and Technology (NIST) declared that the O.G. hash is no longer adequate and suggested everyone update their tools to use better standards such as SHA-2 or SHA-3 by the year 2030. https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm
Worthless, or just deceptive
When a spy agency publishes a year-in-review report that tells you absolutely nothing, is it because the agency is worthless or just continuing their theme of deception? The NSA published their annual “2022 Cybersecurity Year-in-Review” Report. It’s a worthless read but I’m posting it in case any of you are curious. https://media.defense.gov/2022/Dec/15/2003133594/-1/-1/0/0139_CSD_YIR22_FINAL_LOWSIDE_ACCESSIBLE_FINAL_V2.PDF
The Rest…
The SEC also charged two employees of a large asset management firm for crimes associated with a multi-year scam that profited them 47 million dollars. https://www.sec.gov/news/press-release/2022-228
Understand DDoS protection. https://www.red-button.net/blog/the-ddos-chessboard-understanding-ddos-protection-topology-options/
Microsoft patches major vulnerability that could lead to Qbot infection. https://www.bleepingcomputer.com/news/security/microsoft-patches-windows-zero-day-used-to-drop-ransomware/
Cool Job
Director - Special Investigations Unit (Fraud), GEICO https://careers.geico.com/us/en/job/GEICUSR0041134EXTERNALENUS/Director-Special-Investigations-Unit-REMOTE?
Cool Tools
A better (more private) way to watch YouTube videos. https://freetubeapp.io/
Google dorks for better LinkedIn searching. https://github.com/krlabs/linkedin-dorks
Irrelevant
A night in-the-life of a Portland cop. https://www.city-journal.org/a-night-in-the-life-of-a-portland-oregon-cop
In-Depth Long Read
Trustwave details a phishing scheme that used Facebook’s own infrastructure. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/meta-phish-facebook-infrastructure-used-in-phishing-attack-chain/
Thank you for opening the email and reading this week's issue. Hanukkah sameach, Merry Christmas, and Happy Festivus. May all of your grievances be aired!
Matt