Bite Sized Cyber Crime

News has hit the mainstream media that all your passwords have been leaked yet again, in a massive password leak including Google, Meta, and Apple. But how much of that sensationalized story is true?

Sources: https://pastebin.com/Xi1MPpFg

And it could happen to you too. On this week's episode of Bite Size Cyber Crime I detail an actual scam I fell for and emphasize that anyone can be a victim of a scam anywhere on the internet.

Malware is everywhere, even inside of other malware. One tool advertising itself as an advanced remote access trojan ended up being much more, a backdoor infecting novice hackers. This was not just a one off, however, and lead to the discovery of a massive backdoored malware campaign infecting other hackers and gaming cheaters.

Sources: https://pastebin.com/C4DG6LTw

Using an MSP can be handy for getting your IT set up or managing technical support without hiring a lot of full time staff, but there are risks that can come with outsourcing your IT to a third party. One MSP was compromised, leading to many customers having ransomware headaches.

Sources: https://pastebin.com/hLKSqRaS

Piracy and accidentally getting malware go hand in hand for many, and though the days of Limewire viruses on your Linkin Park albums are mostly over, modern problems require modern solutions so attackers have moved to modern platforms to spread malware to those not interested in paying for software.

Sources: https://pastebin.com/i7yriZXy

Coinbase is one of the largest crypto exchanges, but when corrupt employees are compromised into handing over data to scammers, a series of social engineering attacks took place. The scammers demanded a ransom, but Coinbase fired back.

Sources: https://pastebin.com/dTZR6hKw

Pearson is an education giant, providing learning tools and standardized assessments across many fields, schools, and organizations. Recently they were breached by what was likely a series of relatively minor mistakes.

Sources: https://pastebin.com/YemUE0Xi

This is one of the craziest stories I've ever covered in my 3 years of this podcast, and hearing both sides somehow makes the situation even less clear. Cybersecurity firm CEO Jeff Bowie accessed hospital computers and wrote malicious scripts on them intended to steal data. But why?

Sources: https://pastebin.com/qqLMem11

NFC has allowed for payments to be easier than ever, but it was only a matter of time before this method was exploited by threat actors. A bold, new real time malware that leverages NFC has been making rounds.

Sources: https://pastebin.com/QgquMLj8

The CVE program is essential for tracking vulnerabilities all across the technology industry, but what happens when funding is cut? Let's talk about what's been going on with the CVE program.

Sources: https://pastebin.com/QPVXe6kD

You're always told to never plug in a random flash drive because it may have malware on it, but is that really a thing? The answer is yes, and it can potentially compromise a military mission.

Sources: https://pastebin.com/LURNpcH5

Tax season is a stressful time for many in the US, and this creates the perfect opportunity for a number of scams against virtually anyone living in the US. Be aware of fake documents, fake filing services, and unusual emails.

Sources: https://pastebin.com/zJQGMndk

A hacker claimed to have stolen 6 million lines of data from Oracle, which Oracle swiftly denied. However when security firms received data samples and showed them to customers, the data was confirmed to be real.

Sources: https://pastebin.com/6WnaeYZs

Google, though a tech giant, has lagged behind Amazon and Microsoft when it comes to cloud computing, but this bold new acquisition could bridge that gap... or introduce legal troubles.

Sources: https://pastebin.com/004Wu6hv

Elon Musk has become a controversial political figure, leaving little surprise that one of his projects, the X platform, became a target for a hacktivist group, leaving the major social media platform down from a DDoS attack.

Sources: https://pastebin.com/Pa6b0nrm

Ransomware groups sometimes run into issues, like being blocked by security tools, and often have to pivot. Some techniques are less conventional than others, but are just as destructive. Here's how a webcam led to ransomware being deployed org wide.

Sources: https://pastebin.com/FHxVYgBg

Building access management is an important part of physical security that has only become more intelligent. However, with all the data on these systems that exist on employees it is important that they are properly secured. Recently, 49,000 systems were found unsecured on the open internet with data viewable, and sometimes modifiable.

Sources: https://pastebin.com/8feGBvEu

Government contractors are expected to follow certain compliance policies, so what happens when a company lies about compliance? Hefty fines tend to follow.

Sources: https://pastebin.com/vJPEikD9

SWATting is a dangerous crime that involves making extreme police reports against people to illicit a response from the SWAT team. This has resulted in innocent people being killed or injured. One teen turned making these reports into a business and was recently sentenced to 4 years in prison for it. Learn about his crimes and methodology today.

Sources: https://pastebin.com/ET9xMi85