Bite Sized Cyber Crime

In 2007 clickbait emails could make you part of a botnet that silenced cybersecurity professionals and performed attacks for anyone on the dark web willing to pay. Not a worm, but a Trojan, this is how the Storm Worm was ahead of its time.

Sources: https://pastebin.com/nPbinx0i

There's a reason you should use a unique password for every website you use, but most people simply don't. How are you supposed to make and remember dozens of passwords for each site that are completely unique and can't be written down?

What if I told you it doesn't have to be that difficult?

XZ Utils is an inconspicuous program in many Linux distributions that allows you to compress files. However, it seems one maintainer of the open source project had much more malicious plans.

Sources: https://pastebin.com/awZzM7qk

Denial of Service attacks are annoying at best, and can endanger people at worst. Usually you need a lot of manpower to launch one, but a new method was developed recently that requires just one machine.

Sources: https://pastebin.com/NS7RuYSi

Change Healthcare is a major medical clearinghouse, nearly half of all insurance transactions go through them, so when ransomware struck the effect was felt all over the healthcare industry. However it gets stranger, as the group responsible seems to have scammed their affiliates and faked a takedown.

Sources: https://pastebin.com/PRmnEGnL

Tesla is a tech company as much as it is a car company, which can present unique challenges when trying to incorporate security. Even intended features can end up being major vulnerabilities, like the feature to add a car key to a cell phone.

Sources: https://pastebin.com/S7Sb2KCb

VPN gateways are supposed to securely connect you to an environment, however Ivanti gateways are rather exploitable, and their built in integrity checker may give you a false sense of security.

Sources: https://pastebin.com/G7H6f4kL

Lockbit is one of the most notorious ransomware gangs out there, and recently a multinational operation arrested several people involved, stole back extorted cash, and released a decryptor for the ransomware. However, Lockbit isn't quite dead yet.

Sources: https://pastebin.com/Y6rTab6R

Email encryption is important for keeping confidential information safe, as well as communicating over unsecured networks, or in potentially hostile nations. One bug in 2017 was able to break this encryption though, exposing the plaintext content of encrypted emails.

Sources: https://pastebin.com/UZ2r4Pcq

One of the best renowned children's hospitals, Lurie, in Chicago has been experiencing an outage for nearly two weeks, with parents feeling as they've been left in the dark. Recently it was revealed that a "known cyber threat" was responsible.

Sources: https://pastebin.com/1CwAkQ7Q

Data breaches are the worst nightmare of many organizations that collect sensitive data. Europcar was going to be the next company breached, except on closer inspection, none of the data posted was real.

Sources: https://pastebin.com/wDwTunKb

The fear that the government or someone else is spying on you is a common one, moreso with modern technology. In some cases, that fear is not unreasonable. Pegasus is spyware developed by Israeli cyber-arms company NSO Group, and it has been sold to many governments and fallen into the wrong hands.

Sources: https://pastebin.com/9JHz3ZDU

Mobile devices are everywhere, carried with us everywhere we go in our day. This makes them perfect targets for Spyware. Recently a new method was discovered to uncover hidden Spyware on suspected infected phones.

Sources: https://pastebin.com/5pYN9bnj

Russia and Ukraine are at war, but these days war is not always boots on the ground. The internet and modern technology introduced a whole new way to attack enemies, and after Russia took down Ukraine's biggest telecoms provider a Ukrainian group decided to take revenge.

Sources: https://pastebin.com/SwDJiy1r

A new attack method against the SSH protocol, the very first of its kind, was recently discovered by German researchers. It leaves millions of servers at risk of attack, and it practical to exploit, but is it as bad as it sounds? Find out today!

Sources: https://pastebin.com/kTpwXexy

Rockstar Games recently released the trailer for GTA6, around the same time a Lapsus$ hacker was sentenced indefinitely to a secure hospital. This sentence has stirred up some controversy and misunderstanding that i will try to contextualize and clarify.

Sources: https://pastebin.com/dsSb7uDX

After infiltrating a prolific ransomware gang, the FBI seized their website and decrypted data for hundreds of companies for free! But instead of going out peacefully, ALPHV may be out with a vengeance.

Sources: https://pastebin.com/VgL3MRii

Typically the cybercrime gangs we see launch major ransomware attacks, holding even the biggest companies hostage. However, there are also groups that provide fake accounts and services to those attackers to make their attacks quicker and easier. One of them, Storm-1152 was shut down by Microsoft and Arkose labs. Listen all about it today!

Sources: https://pastebin.com/BeJEAybk

Bluetooth is a wireless protocol we all know and love that has freed us from headphone wires getting caught on anything. But recently an old flaw in Bluetooth was discovered that allows hackers to trick your phone into thinking a Bluetooth keyboard is connected, allowing a lot of access.

Sources: https://pastebin.com/z9pZxPVd