Welcome to the Threats Without Borders Newsletter!
You’ll quickly notice something different about this weeks newsletter - non-clickable links.
A few subscribed colleagues have reported the newsletter being delivered intermittently. I suspect that certain email systems are dropping the email for some type of rules violation.
I have tried different things over the past few weeks to see if anything increases the open-rate. Some issues have had images, some not. Some have had long form writing, others just a collection of short notes. Some have had embedded video media, others not.
The open rate has remained the same so now I’m to the links. I suspect email systems with stringent rules are viewing the message, and its multitude of clickable links, as unwanted spam and dropping it before it makes it to the recipients inbox.
I apologize for forcing you back to old-school copy and paste, but please bear with me as I try to figure this out.
Matt
You get what you pay for
And not paying can get you cracked. Avast issued this report about attackers inserting malware into “cracked” software offered for free on the Internet. You know high cost software like Photoshop, Premier, Office, and even Windows, All the things you don’t want to actually spend money on so you’ll download it from some sketchy back-corner of the Internet website. https://blog.avast.com/fakecrack-campaign
Fake site, real victims
A double-take at a suspicious Facebook log-in page led Pixm researchers to a large scale social media credential harvesting campaign that has been active since the fall of 2021. The researchers estimated at least one million user credentials have been compromised through the malicious log-in pages. https://pixmsecurity.com/blog/blog/phishing-tactics-how-a-threat-actor-stole-1m-credentials-in-4-months/
Ransom, no straight extortion
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA)and the Financial Crimes Enforcement Network (FinCEN) released a joint advisory to provide information on the Karakurt data extortion group. This modified ransomware group just flat-out steals your data and then demands payment or they will release the data to your competitors, clients, public, law enforcement… whoever you don’t want to see it. The method eliminates the protection from back-ups and other ransomware mitigations. https://www.cisa.gov/uscert/ncas/alerts/aa22-152a
Mobile banking = mobile crime
Zimperium released their banking threat report “Mobile Banking Heists: The Global Economic Threat”. The report provides an analysis of ten mobile banking trojans and over 600 targeted mobile financial applications. If you think the criminals haven’t made mobile banking their main target, consider the top nine targeted mobile financial apps cover banks, investing, payments, and cryptocurrency with over 260,000,000 total downloads. That’s a LOT of potential victims. https://blog.zimperium.com/mobile-banking-heists-emerging-threats-and-how-to-respond/
The Rest…
Wired Magazine claims the darkweb market Alphabay is back. The original clerk is allegedly dead so it’s not really the same Alphabay. Is it? https://www.wired.com/story/alphabay-dark-web-market-ranking/
Cybereason released the report “Ransomware: True Cost to Business 2022”. https://www.cybereason.com/press/cybereason-ransomware-true-cost-to-business-study-reveals-organizations-pay-multiple-ransom-demands
The leader of the Terra cryptocurrency group knew the Luna was going crash so he cashed and dashed! https://thecryptobasic.com/2022/06/09/tfl-employees-told-sec-that-do-kwon-cashed-out-hundreds-of-millions-of-dollars-months-before-terra-imploded/
Cool Job(s)
Senior Manager of Fraud and Chargeback Operations - Eventbrite
https://jobs.lever.co/eventbrite/be65e9fa-ee84-41b4-aee5-9dbc713c5029
Senior Manager of Fraud Risk - Bill.com
https://www.bill.com/about-us/jobs?gh_jid=4490338004&gh_src=a109ba074us
Cool Tool(s)
StopTheMadness is a web browser extension that stops web sites from making your browser harder to use. And it protects your privacy on the web!
https://underpassapp.com/StopTheMadness/
Know someone’s username? You’re halfway to finding them!
https://usersearch.org/index.php
Irrelevant
Alternatively titled “What do top hats and defund-the-police have in common?
Thank You so much for taking the time to open this weeks email. It’s no fun writing to no one.
Matt
“OPPORTUNITY FINDS THOSE WHO ARE DOING SOMETHING ALREADY.” - me still waiting for that opportunity
Super Long In-Depth Read
How Cyber Criminals Target Cryptocurrency - Proofpoint. Is it even worth targeting anymore?
https://www.proofpoint.com/us/blog/threat-insight/how-cyber-criminals-target-cryptocurrency