AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 08/10/2022

Phishing attack adds pressure with countdown clock

A new phishing attack tries to panic users into entering their company email login credentials by displaying a countdown clock that supposedly shows how much time remains before their account is deleted. When the time runs out, nothing actually happens, but the attackers hope the ruse, taken straight from the ransomware handbook, will pressure victims into acting without thinking. The attack begins with a message falsely telling the user that access to their account had been attempted from a location not used before. The message includes a malicious link the user is told to click to “verify their email.” Read more details about the attack at ZDNet. 


WhatsApp unveils new privacy features to make it easier for you to avoid people

Have you ever wished that you could leave an annoying group chat without everyone being notified? WhatsApp now makes that possible. This morning, WhatsApp announced that it would be adding several new privacy features to offer users more control and privacy protection. The first major update is the ability to leave a WhatsApp group chat without having to notify the entire group. The only person notified of your departure will be the admin of the group, a big change from the current model, which awkwardly notifies the whole group chat of your departure.


Jury Finds Ex-Twitter Worker Spied for Saudi Royals

A former Twitter worker was found guilty on Tuesday of spying for Saudi officials keen to unmask critics on the platform. Ahmad Abouammo was pronounced guilty on criminal counts including money laundering, fraud, and being an illegal agent of a foreign government, according to a copy of the verdict. Prosecutors in federal court in San Francisco told jurors that Abouammo sold Twitter user information for cash and an expensive watch some seven years ago. His defense team contended that he did nothing more than accept gifts from free-spending Saudis for simply doing his client management job. “The evidence shows that, for a price and thinking no one was watching, the defendant sold his position to an insider of the crown prince,” US prosecutor Colin Sampson said in final remarks to the jury.


SGX, Intel’s supposedly impregnable data fortress, has been breached yet again

Intel’s latest generation of CPUs contains a vulnerability that allows attackers to obtain encryption keys and other confidential information protected by the company’s Software Guard Extensions, the advanced feature that acts as a digital vault for security users’ most sensitive secrets. Abbreviated as SGX, the protection is designed to provide a fortress of sorts for the safekeeping of encryption keys and other sensitive data, even when the operating system or a virtual machine running on top is maliciously compromised. SGX works by creating trusted execution environments that protect sensitive code and the data it works with from monitoring or tampering by anything else on the system.


What to watch for as ‘Hacker Summer Camp’ gets underway in Las Vegas

A trio of cybersecurity conferences — BSidesLV, Black Hat USA and DEF CON — kicks off this week in Las Vegas in what’s collectively known as Hacker Summer Camp, bringing together policymakers, executives, experts, hackers and enthusiasts against a backdrop of some of the most unsettled international events of recent years. Thousands of cybersecurity professionals will gather on the Vegas Strip nearly six months into Russia’s war in Ukraine, two-and-a-half years into the COVID-19 pandemic and less than two weeks after U.S. House Speaker Nancy Pelosi’s historic visit to Taiwan triggered a wave of cyberattacks.


Email marketing firm hacked to steal crypto-focused mailing lists

Email marketing firm Klaviyo disclosed a data breach after threat actors gained access to internal systems and downloaded marketing lists for cryptocurrency-related customers. Klaviyo says the breach occurred on August 3rd after hackers stole an employee’s login credentials in a phishing attack. These login credentials were then used to access the employee’s account and internal Klaviyo support tools. Using the internal tools, the threat actors downloaded marketing lists for thirty-eight customers who are in the cryptocurrency industry. 
