Bite Sized Cyber Crime

Wikipedia is often used as a starting point for research, and recently it was seemingly under attack. Vandalism is common, but what is uncommon is the activation of malicious code that sat waiting on their systems for years before it was set off by an admin reviewing code.

Sources: https://pastebin.com/QRYXC05C

I've noticed a concerning trend and legislation coming up in some countries that will require government ID to access certain social media websites. The issue stems from child safety, which is a worthy cause, but it will end up not only putting children at risk, but everyone else as well.

Usually data breaches happen from an attacker breaking in, but sometimes an organization inadvertently leaks their own data, PayPal did just this with the most sensitive data about small business owners and it sat on the internet for 6 months.

Sources: https://pastebin.com/hxqJeJey

Outlook add ins can really improve the user experience of the application, allowing for extended capabilities. However if a developer abandons an add in project and leaves it without updates without properly removing it or discontinuing support it could lead to threat actors hijacking a trusted add in and using it to steal information.

Sources: https://pastebin.com/7Kny6W8M

The Shiny Hunters failed to extort Panera in a data theft attack and leaked the data found. Thankfully the damage seems rather minimal as the information is, for the most part, not all that sensitive.

Sources: https://pastebin.com/EXKcrrDL

They say never to pay a ransomware, but this one you should especially never pay because you will definitely not get anything back if you do. As it turns out vibe coding can lead to mistakes that end up with threat actors losing the keys to their own ransomware.

Sources: https://pastebin.com/VuSZpJKQ

Bug bounty programs are a good way to practice your hacking skills while contributing to the greater good, but unfortunately some people want the rewards without having the skills, which have resulted in cURL being overwhelmed by completely nonsensical AI slop bug reports.

Sources: https://pastebin.com/ZBdpci1U

Bluetooth is the standard these days for listening to audio but it presents some issues that wired doesn't, and I don't mean sound quality. Implementations of Bluetooth protocols can have vulnerabilities and when those hit it could mean you're being listened to.

Sources: https://pastebin.com/Kq9TieQC

Instagram users saw a barrage of password reset attempts on their accounts and it seems to be related to a dataset that was just leaked to BreachForums of scraped user data.

Sources: https://pastebin.com/AfMVFBDm

The holiday season is a rather expensive time of year, not just with gift buying but with scams that take advantage of the season. One thing rather unexpected however, was a Christmas Eve update that drained the wallets of some TrustWallet users.

Sources: https://pastebin.com/NHqAjqzM

Most threat actors come and go with the times, not lasting more than a couple years. Prince of Persia was assumed to be one such group, but it turns out they not only returned but never left in the first place.

Sources: https://pastebin.com/9yJ1fxP3

Usually ransomware targets large entities, but as always no one is truly safe online. This specific malware targets individual android users sideloading apps from illegitimate sources.

Sources: https://pastebin.com/3J3uAVHt

CIS recently released an advisory warning of a stealthy backdoor that has been targeting VMWare shots and stealing data from snapshots of virtual machines. These are the details of that backdoor

Sources: https://pastebin.com/ppt9V3b1

In the security world it is becoming more and more necessarily to invest in controls around AI and the web browser. This attack targets both and often leaves absolutely no trace on your end, as the attack never leaves the browser.

Sources: https://pastebin.com/rz744p1b

Cloudflare had a massive outage on Tuesday morning that many suspected was some kind of big attack by nation state hackers, however it turns out to have been a lot more simple than that. A little internal error caused a domino effect that took out much of the web for several hours.

Sources: https://pastebin.com/ftmYtFv7

We have our fears of AI taking over the world and killing all the humans, which we are still rather far from, however a more urgent worry is the use of AI automomous agents taking the place of hackers themselves. Once such group managed to offload 80% of the technical hacking work to Claude Code.

Sources: https://pastebin.com/PzTM7dZT

Last week we discussed a weird email sent to students, staff, alumni, or basically anyone associated with the University of Pennsylvania. This week some new developments in the case occurred that could leave data at risk, but the attacker's motivations and actions seem odd.

Sources: https://pastebin.com/GDKhPmrE

I learned how to generate censorship bleeps! But also a strange and vulgar email was sent out to alumni, donors, clients, staff, and current students from the University of Pennsylvania warning that a data leak was inevitable. But is there any substance?

Sources: https://pastebin.com/MbJwdrYA

We've talked about North Korean threat actors being hired for jobs in order to steal data, but what about North Korean threat actors hiring people to steal data? Seems backwards, but it's been going on for years and recently teh defense sector has become a target of these attacks.

Sources: https://pastebin.com/yrWK4K20