AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 06/21/2022

A Microsoft 365 feature can ransom files on SharePoint and OneDrive

Researchers from Proofpoint reported that a feature in the Microsoft 365 suite could be abused to encrypt files stored on SharePoint and OneDrive. “Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker,” reads the post published by Proofpoint. The researchers detailed an attack chain that allows encrypting files in the compromised users’ accounts. Unfortunately for the victims, these files can then only be retrieved by paying a ransom to receive the decryption keys.

 

How Tinder scammers steal your heart, then your money

If you were one of the millions of people who watched Netflix’s The Tinder Swindler, you may have shaken your head in wonder at how women could be allegedly hoodwinked out of millions of dollars. Surely they should have known better, some say. In reality, it’s not that simple. People fall for these scams for the same reasons that they fall prey to cold-call scam texts claiming that their loved one is in hospital and fees urgently need to be paid: When emotions are involved, rational thinking can go out of the window.

 

Capital One Attacker Exploited Misconfigured AWS Databases

The 36-year-old Seattle tech worker behind the infamous 2019 Capital One data breach has been convicted on seven charges related to the data theft — which are punishable by up to 20 years in jail. In the incident, Paige Thompson, who operated under the hacker handle “erratic,” made off with more than 100 million credit applications that were held in a misconfigured Amazon Web Services storage bucket in the cloud. She was arrested shortly thereafter, after the banking giant traced the malicious activity back to her and alerted the FBI.

 

Why Paper Receipts are Money at the Drive-Thru

Check out this handmade sign posted to the front door of a shuttered Jimmy John’s sandwich chain shop in Missouri last week. See if you can tell from the store owner’s message what happened. If you guessed that someone in the Jimmy John’s store might have fallen victim to a Business Email Compromise (BEC) or “CEO fraud” scheme — wherein the scammers impersonate company executives to steal money — you’d be in good company. In fact, that was my initial assumption when a reader in Missouri shared this photo after being turned away from his favorite local sub shop. But a conversation with the store’s owner Steve Saladin brought home the truth that some of the best solutions to fighting fraud are even more low-tech than BEC scams.

 

iOS 16 will let you bypass CAPTCHAs on some apps and websites

When iOS 16 comes out later this fall, you may notice that you don’t have to deal with as many annoying CAPTCHAs asking you to slide a puzzle piece or distinguish between a hill and a mountain. That’s because Apple’s introducing a feature for its iPhones and Macs called Automatic Verification, which lets some sites know that you’re not a bot without you actually having to do anything (via MacRumors).

 

1.5 million customers impacted by Flagstar Bank data breach

Flagstar Bank has disclosed a security incident that led to the exposure of personal data belonging to up to 1.5 million customers. As reported by Bleeping Computer, the data breach occurred between December 3 and December 4, 2021. The US financial organization is headquartered in Michigan and operates over 150 branches in areas including Indiana, California, Wisconsin, and Ohio. Flagstar Bank caters to consumers and the enterprise, accounting for roughly $23.2 billion in assets. Flagstar Bank is a subsidiary of Flagstar Bancorp, listed on the NYSE as FBC.
