Our website may use cookies to improve and personalize your experience and to display advertisements (if any). Our website may also include cookies from third parties like Google Adsense or Google Analytics. By using the website, you consent to the use of cookies. We’ve updated our Privacy Policy. Please click on the button to check our Privacy Policy.

AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 03/29/2021

Credit Card Hacking Forum Gets Hacked, Exposing 300,000 Hackers’ Accounts

Carding Mafia, a forum for stealing and trading credit cards has been hacked, exposing almost 300,000 user accounts, according to data breach notification service Have I Been Pwned. The data breach allegedly exposed the email addresses, IP addresses, usernames, and hashed passwords of 297,744 users. Have I Been Pwned announced the data breach on Tuesday, saying the breach happened last week. On the Carding Mafia forum and its public Telegram channel, however, there was no sign that its users have been warned. Carding Mafia has more than 500,000 users, according to the forum’s own statistics. The site administrator did not immediately respond to an email asking for comment. 

 

Software renewal scammers unmasked

We’ve been tracking a fraudulent scheme involving renewal notifications for several months now. It came to our attention because the Malwarebytes brand as well as other popular names were being used to send fake invoices via email. The concept is simple but effective. You receive an invoice for a product you may or may not have used in the past for an usually high amount. Feeling upset or annoyed you call the phone number provided to dispute the charge and ask for your money back. That was your first mistake. The second is letting strangers access your computer remotely for them to uninstall the product in order to avoid the charge. Before you know it your computer is locked and displaying random popups. In this blog, we follow the trail from victim to scammer and identify one group running this shady business practice.

 

NSA director says U.S. has a ‘blind spot’ for detecting attacks like SolarWinds, Microsoft Exchange

The top official at the U.S. National Security Agency and U.S. Cyber Command told lawmakers on Thursday that the common failing with recent high-profile cyber attacks boils down to U.S. government agencies having a gap in visibility of foreign hackers using domestic infrastructure to launch attacks.

At a hearing held by the U.S. Senate Committee on Armed Services, General Paul Nakasone repeatedly emphasized that nation state adversaries are aware of this gap and are actively exploiting it in part because it allows them to better evade the eye of intelligence agencies like the NSA that are focused on activity conducted outside the U.S. “We have to be able to see what’s happening… [our adversaries] are no longer just launching their attacks from different parts of the world,” said Gen. Nakasone. “They understand that they can use our infrastructure and there’s a blind spot for us.”

 

What is an NFT? Non-fungible tokens explained

Have you seen the word “NFT” spinning around the internet lately, and found yourself completely confused as to what everyone’s talking about?  An NFT is a non-fungible token. Non-fungible, in this context, means that it’s unique and (literally) irreplaceable. In practice, NFTs can be any sort of digital item that someone might want to own, such as a piece of music or a painting. (Graphic designer Beeple just sold an NFT artwork at a Christie’s auction for an unheard-of $69 million.) It can even be a tweet, like Twitter founder Jack Dorsey’s first one, which just sold for nearly 3 million dollars. Most NFTs are part of the blockchain of the Ethereum cryptocurrency. When you buy one using cryptocurrency, you can verify on the blockchain that you are sole owner of that work: no one can undo your ownership of an NFT or re-create the exact same one that you have.

 

Apple releases iOS 14.4.2 and watchOS 7.3.3 – You should install them ASAP

Apple has released new versions of iOS, iPadOS, and watchOS, and if you have an iPhone, iPad, or Apple Watch the official advice is that you should update them sooner rather than later. iOS 14.4.2, iPadOS 14.42, and watchOS 7.3.3 all fix an active vulnerability, Apple says, which it believes has already been exploited. “Processing maliciously crafted web content may lead to universal cross site scripting,” the company says in its security report about the new software. “Apple is aware of a report that this issue may have been actively exploited.” The fix, Apple says, was “improved management of object lifetimes.” The company had been notified of the security loophole by two members of the Google Threat Analysis Group, Clement Lecigne and Billy Leonard. That team works to identify potential security issues in popular software, and has been responsible for identifying several such problems in iOS and iPadOS before now.

Related Posts