@hoernchen72 @fasnix @expertenkommision_cyberunfall EXAKT DAS!
Oft sind das #Betrüber die Menschen dazu überreden (#SocialEngineering / #SocialHacking) und/oder entsprechend #FUD machen.
Ist nix anderes als die #Schockanruf-Taktik, nur halt 'irgendwas mit #Cyber' und sei's nen Fake-#Popup.
DATE: March 17, 2025 at 08:37PM
SOURCE: HIPAA Watch from JD Supra
Direct article link at end of text block below.
Right To Know - March 2025, Vol. 27 https://t.co/tKRTmIPnxh
Here are any URLs found in the article text:
Articles can be found by scrolling down the page at https://www.jdsupra.com/ under the title "Latest Updates".
-------------------------------------------------
Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org
Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity
-------------------------------------------------
Looks like there is some good human manipulation, er, "social engineering" lately using a pretext of looking for security work and sending links through weird domains that redirect to calendly links for what I assume is an opportunity to continue the con. For now, I would BOLO URIs with ?redirectTo=https://calendly.com/* in the parameters. I can't say they're necessarily malicious, but I would certainly scrutinize them and the domain you see them redirected from, especially if the original subdomain is t or trk.
New #Blog post - My #scammer girlfriend: baiting a romance fraudster
Warning, this is a **long** post.
I decided to fall for a #RomanceFraud campaign so that I could see what #SocialEngineering techniques they used and what data _they_ leaked.
They spent 3 weeks building the storyline + relationship before eventually asking for money
https://www.bentasker.co.uk/posts/blog/security/seducing-a-romance-scammer.html
Russian State Actors: Development in Group Attributions
This analysis explores the evolution of Russian state-backed cyber actors and their operations. It highlights the activities of several prominent groups, including UNC2589, APT44 (Sandworm), APT29, and APT28. These actors, associated with various Russian intelligence agencies, have been involved in global espionage, sabotage, and influence operations. The report details their targets, which include government organizations, critical infrastructure, and diplomatic entities across multiple countries. It also describes the groups' adaptation to new security measures and their use of advanced techniques such as zero-day exploits, social engineering, and living off the land tactics. The analysis emphasizes the importance of understanding these actors' methods for improving global cybersecurity resilience.
Pulse ID: 67cc2ca27d4672d04ef4eb01
Pulse Link: https://otx.alienvault.com/pulse/67cc2ca27d4672d04ef4eb01
Pulse Author: AlienVault
Created: 2025-03-08 11:40:18
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
@GossiTheDog the sheer fact that #MSPs & #CSPs can access clients' setups without proper #authorization [including #KYC / #KYB, #AuthCode|s and proper authorization via contract] is already sickening.
Such fundamental #ITsec fuckups are reasons alone not to use #Azure or any #Microsoft products & services at all...
Someone has apparently registered a Boost mobile phone plan to an email group at my company like security@company[.]com. I’ve verified emails ARE coming from boost servers and the links seem to go to legit boost urls - what’s the scam? #socialengineering #infosec
"A new device logged into your account from #PYONGYANG"
revolutionary new vectors in #socialengineering.
https://www.europesays.com/1864110/ North Korea’s Lazarus Group now using crypto gifts to breach security defenses #Conflicts #LazarusGroup #NorthKorea #SocialEngineering
At this point, I don't think I can solve tech issues purely by the book. Not only technology keeps on rapidly evolving, but human interactions and reactions to said tech has been very overlooked IMO. Infosec might as well be considered as an art as well as a science.
With access to one of the largest, most diverse data sets in all of cybersecurity, Proofpoint is dedicated to tracking and reporting threat actors and their evolving TTPs. This research blog (brnw.ch/21wQMTw) is packed full of new threat insights including...
#TA2726 and#TA2727, two new cybercriminal threat actors who operate components of web inject campaigns.
#FrigidStealer, a new info stealer for Mac computers delivered alongside malware for Windows and Android hosts.
See our blog for full details, Emerging Threats signatures, and IOCs.
If you're active on LinkedIn: Be especially aware of new connection requests claiming to be from laid-off government workers. This pains me to say, because a lot of excellent people are going to be creating new LinkedIn accounts, or dusting off accounts they haven’t used. They need our support and access to our network to find new jobs. But...
I just declined a connection request from someone claiming to be laid off from the Office of Management and Budget (OMB), because there were several indicators that it was a fraudulent account.
Just like any other disaster, the cybercriminals will use the current turmoil to their advantage if they can.
Stay diligent so you can give real assistance to real people.
All the #infosec bullshit #security work of the last 20 years just looks like cosplay nonsense.
Turns out you can just walk in through the front door with a bunch of zitty #blackhats
As long as you use the "ideology" #socialengineering #sploit and steal and destroy everything.
Cybercrime of the century.
(1/2) In another life I wrote about data breaches. Surprisingly hacks usually resulted from basic attack patterns. Often just credential abuse. Effectively knowledge asymmetry + exploitation of trust.
Once I noticed this, I saw the pattern everywhere. Companies finding ways to sell harmful products. The wealthy using clout to avoid legal consequences. Building systems resistant to trust violations is hard. Thinking about this has become a bit of an obsession.
One day Ima write a whole piece on social engineering, but in the meantime here is my number one tip on how to not being a walking security hole:
LET PEOPLE BE WRONG.
No, you don't have to correct them.
The easiest way I have learned to get people to spill shit they shouldn't be telling you is to be wrong about something.
People love to be right. Let them correct you on a small thing, first, then they will feel good about telling you SHIT THEY ABSOLUTELY SHOULDN'T BE SAYING.
If I can resist correcting an oversized goon who's been harassing me for four years, as he blathers abject nonsense at me non-stop, you can get out of the habit of correcting people who didn't directly ask for your help.
Let them be wrong.
Let them be LOUD and wrong.
It's enough that you know.
@MissConstrue @GhostOnTheHalfShell
Can we just shovel Texas into the Gulf of Mexico?
I would just like to say that these signs in the DFW airport bathrooms are peak social engineering, and I do hope Dan Patrick enjoys all the phone calls from people upset about the government photographing their hairy bits.
@yurnidiot As Kevin Mitnick taught us all, there's always two ways to open a door.
1) Learn how to pick the lock, get friendly with some locksmiths;
2) Get even more friendly with the person who already has the key, and persuade them to give it you.
It's so much easier to get inside if someone has freely granted you access.
