AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

InfoSec News Nuggets 04/04/2022

“A little gift for you” SMS spam appears to come from your own phone number

If you’ve received a spam SMS message sent from your own phone number, don’t panic. No, you weren’t hacked. And you’re not the only one who has received such a message, which looks a bit like this: Free Msg: Your bill is paid for March. Thanks, here’s a little gift for you: {redacted link}. But why do they make it look like the text has come from your own number? It’s likely the scammers spoofed it in order to get past built-in filter features because they don’t block messages you send yourself. The Verge writer Chris Welch said that clicking the link directed him to Channel One Russia, a Russian state media network. But this could have easily led to nefarious payloads, like malware, and some have already classed this as a smishing (or “SMS phishing”) attempt.


Phishers make a date with your calendar apps

Calendars are a rich source of bad behaviour for scammers and spammers. They’re one of the most prolific tools the workplace has for collaborative actions and general cross-purpose messaging. They’ve been misused by bad actors for many years now, most commonly spamming unwary potential victims and leading them to bad times ahead. Scammers abuse pretty much any beneficial feature you can think of in order to get the job done. In 2016, Mac spammers made use of the ability to suggest events found in other apps. They also fired calendar invites to people’s iCloud addresses, meaning the spam would hit the calendar and the notification center.


Hackers have found a clever new way to steal your Microsoft 365 credentials

Cybercriminals have started using Static Web Apps, an Azure service, in their phishing attacks against Microsoft 365 users. Researchers from MalwareHunterTeam noted Static Web Apps have two features that are being abused with ease – custom branding for web apps, and web hosting for static content such as HTML, CSS, JavaScript, or images. Threat actors have used these features to host static phishing landing pages, the researchers now say. These landing pages look almost identical to official Microsoft services, with the company logo and a Single Sign-On (SSO) option that harvests Office 365, Outlook, or other credentials.


The Mobile Network Battlefield in Ukraine – Part 1

It has been nearly 5 weeks since Russia’s new invasion of Ukraine. Prior to the invasion on February 24th 2022, a number of observers worried or believed that the Russian offensive would involve large numbers of co-ordinated IT attacks on key infrastructure, including on Ukrainian communication networks. The effects of these attacks would have been globally widespread and publicly felt. However, headlines regarding cyberattacks since the invasion have been muted, although there have been some public reports on the use of cyberattacks on Ukrainian national critical infrastructure.


Russia’s slow cyberwar in Ukraine begins to escalate, experts say

The war in Ukraine has come with an ever-present threat of cyber catastrophe, as experts and US military officials remain on high alert for potential hacks. And while the big one has yet to come, the battle online continues to escalate. UK intelligence officers warned on Thursday that Russia is increasingly seeking out cyber targets as its ground military campaign in Ukraine stalls. Additional reports on Wednesday revealed Russian hackers recently attempted to penetrate the networks of Nato and the militaries of some eastern European countries. These developments showed that “things are heating up” on the cyber front, said Theresa Payton, cybersecurity expert and former White House chief information officer. “We should prepare for the worst and operate at our best,” she said.


American Express users locked out for HOURS: no login, no payments

Yesterday, American Express users across the world, including the US, UK, and Europe, experienced widespread outages lasting hours. The payment services giant advises that some users may continue to experience issues online or over the phone. The issues reported by users included being unable to log in to their Amex accounts, make payments, or get to an Amex customer service representative over the phone. BleepingComputer was able to briefly reproduce issues right before Amex confirmed partially restoring services. American Express customers around the world were left without the means to make payments, as hours-long outages prevented users from logging into their accounts. Technologist Jacob Rothstein wondered whether the issues were connected to Amex’s recently introduced “one login for all accounts” feature. The new feature integration would enable customers to access both Savings accounts and credit cards from one dashboard, Amex had previously announced.


The metaverse is coming, but so are all these security problems

Big tech shows no desire to stop trying to make the metaverse happen, whether we want it or not. Which particular version will win out remains to be seen, and when (the arrival of virtual and augmented reality for the masses has been about five years away for about three decades now, after all). But whenever and however it arrives, it’s hard to see how the metaverse will overcome the privacy and security problems that we’ve been trying to deal with in our existing technology for far too long. Chances are it’s going to make them all a lot worse. Never forget that a significant part – probably even the majority – of the modern web is underpinned by surveillance capitalism. That is, being able to observe and analyse us, gather information on who we are and what we like, is fundamental to the business model of nearly all of the big tech companies.
