@campuscodi@mastodon.social
@campuscodi@mastodon.social avatar

campuscodi

@campuscodi@mastodon.social

Cybersecurity reporter for Risky Business

#infosec #cybersecurity #security

This profile is from a federated server and may be incomplete. Browse more on the original instance.

campuscodi, to random
@campuscodi@mastodon.social avatar

Twitter is full of idiots blaming the Fico assassination attempt on everything under the sun. From the WHO to Soros.

That site keeps digging its own grave of irrelevance

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-ebury-botnet-compromises-entire-isps-and-hosting-providers/
Podcast: https://risky.biz/RBNEWS288/

-Ebury gang compromises entire ISPs and hosting providers
-UK announces Share and Defend project
-UK advises against paying ransoms
-Helsinki discloses data breach
-New RFDoS attack takes down sites with their own firewall
-Apple, Google block unwanted Bluetooth trackers
-Firefox 126 will now track searches by US desktop users
-Tornado Cash developer sentenced
-Estate PhaaS leaks internal DB
-INC ransomware code sold online

campuscodi,
@campuscodi@mastodon.social avatar

Plus:

-History of the SolarMarker malware family
-Malware reports on Black Basta, CrealStealer
-Reports on campaigns abusing malvertising, FoxIT exploits, copyright violation notices, and more
-GitCaught campaign
-Mallox ransomware campaign hits MSSQL DBs
-Trik botnet spams loads of LockBit payloads
-APT reports on Lazarus, PhantomCore, CeranaKeeper
-Patch Tuesday is out
-2 MSFT zero-days, one Chrome one
-CYBERUK 2024 videos
-New tools—Fiddleitm, IconJector, wayback-keyword-search

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-black-basta-group-spam-bombs-victims-and-then-calls-to-help/
Podcast: https://risky.biz/RBNEWS287/

-Black Basta group spam-bombs victims and then calls to help
-Smart home wall pad hacker sentenced
-Another Europol data breach
-Google fixes a Chrome zero-day
-US Navy to build a unified cyber defense network
-UK NHS warns of attacks on Arcserve UDP servers
-Christie's hacked ahead of big auction
-Firefox to add Bounce Tracking Protection
-New US Project Fortress
-ICO crypto-scammers detained
-Hacker-for-hire suspect set free

campuscodi,
@campuscodi@mastodon.social avatar

Plus:

-US Coast Guard sends phishing alert
-Malicious Minecraft mod found
-New Activator macOS malware
-Malware reports on Cuckoo Stealer, Kinsing, HiddenShovel, and the Rhysida, BlackBasta, and Wormhole ransomware strains
-APT reports on Lazarus, Kimsuky, and MuddyWater
-Cinterion modem vulnerabilities impact IoT/ICS gear
-Big NextJS and PDF.js bugs
-New PressHammer attack
-New tools—HoneyTrail and HelloJackHunter
-RSA and UniCon conference videos

campuscodi, to random
@campuscodi@mastodon.social avatar

Is Gmail useless these days? I keep marking domains as spam, yet they're back the next day in my inbox with literally the same email/domain I marked as spam a few hours ago

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-68-tech-companies-pledge-to-cisas-secure-by-design-project/
Podcast: https://risky.biz/RBNEWS286/

-68 tech companies pledge to CISA's Secure by Design project
-European Parliament discloses data breach
-Another major US healthcare chain gets hacked;
-Scattered Spider returns
-F5 fixes some major bugs
-Dell data breach
-Zscaler denies breach
-Ukraine attacks Russian software company
-Kosovo sees DDoS attacks after showing support for Ukraine
-Russia's fake UA defacements
-800 solar power monitoring devices hijacked in Japan

campuscodi,
@campuscodi@mastodon.social avatar

Plus:

-Canada's British Columbia province suffers a breach
-WebDetetive/OwnSpy second hack
-Russian hackers hijack Balticom TV signals
-Boeing confirms $200mil ransom in 2023 ransomware incident
-StackOverflow AI bros turn on their users
-New Apple security guides
-First Cybersecurity Posture of the US report
-Skimmer gang detained
-BogusBazaar gang runs 75K fake online stores
-Reports on Tycoon 2FA PhaaS and Cerberus gangs
-NSO uses lawsuit to go after CitizenLab's methods

campuscodi,
@campuscodi@mastodon.social avatar

And:

-16 OAGs send a privacy letter to Congress
-New WordPress malware
-Malware reports on AsyncRAT, Mirai, Viper
-Summary of Russian APT activity in Ukraine
-Emerald Divide info ops
-CopyCop info ops
-Doppelganger and Havana Syndrome info ops
-Doppelganger and the campus protests info ops
-New APT28 attacks in Poland
-New covert channel attack uses CPU speeds
-NetNoiseCon 2024 videos
-New tools in PGDSAT, Misconfig Mapper, CISA Parsnip, CISA Vulnrichment, and CCTV

campuscodi, to random
@campuscodi@mastodon.social avatar

LockBitSupp doing the media tour with the same boring ass "you got the wrong guy" routine that all the previous ransomware dudes attempted and failed

campuscodi, to random
@campuscodi@mastodon.social avatar

This is just of the many tweets that are flooding Twitter these days praising Telegram and discouraging users from using Signal with stupid NSA and FBI conspiracy theories.

Under no scenario you should have Telegram installed on your phone. It's basically the Hulk Hogan of E2EE apps

campuscodi,
@campuscodi@mastodon.social avatar

Other people are now seeing the same Twitter spam.

Many of these spammy accounts are post Feb 2022 accounts, suggesting a Russian nexus.

campuscodi, (edited )
@campuscodi@mastodon.social avatar

@noodlejetski That's exactly why I'm not taking that clown seriously. There's actual cryptographers calling his app out and his response was that "whataboutism"

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-lockbit-leader-unmasked-charged-and-sanctioned/
Podcast: https://risky.biz/RBNEWS285/

-LockBit leader unmasked, charged, and sanctioned
-UK accuses China of hacking Ministry of Defense
-New TunnelVision attack leaks VPN traffic
-MITRE links hack to UNC5221 (UTA0178)
-Crypto whale user loses $71mil
-New SecureDrop crypto protocol
-CSRB adds 4 new members
-New CyberCom #3
-New US international cyberspace strategy goes live
-Ransomware payments go down
-Russia links MorLock ransomware to Ukraine

campuscodi,
@campuscodi@mastodon.social avatar

Also:

-Microsoft teases new secure ZTDNS client
-FBI warns of STORM-0539
-New tool—Okta Terrify
-Black Hat Asia 2024 slides
-RIOT OS investigates why vulnerabilities took weeks to patch
-Malware reports on Matanbuchus, HijackLoader, Formbook, zEus Stealer, Guntior
-GNUSai loses $1.27mil
-DDoS attacks hit more than 50 Moldovan govt sites since March
-All LockBit affiliates have been identified, per NCA
-Apple releases M4 chip
-FTC fines BetterHelp $7.8mil

campuscodi, (edited ) to random
@campuscodi@mastodon.social avatar

US charges Russian national with developing and operating the LockBit ransomware

https://www.justice.gov/opa/pr/us-charges-russian-national-developing-and-operating-lockbit-ransomware

US sanctions here: https://home.treasury.gov/news/press-releases/jy2326

UK sanctions here: https://www.gov.uk/government/news/uk-and-allies-sanction-prolific-cyber-hacker

AU sanctions here: https://www.foreignminister.gov.au/minister/penny-wong/media-release/cyber-sanction-imposed-russian-citizen-ransomware-activity

NCA statement here: https://www.nationalcrimeagency.gov.uk/news/lockbit-leader-unmasked-and-sanctioned

Europol statement here: https://www.europol.europa.eu/media-press/newsroom/news/new-measures-issued-against-lockbit

"KHOROSHEV, Dmitry Yuryevich (a.k.a. KHOROSHEV, Dmitrii Yuryevich; a.k.a. KHOROSHEV, Dmitriy Yurevich; a.k.a. YURIEVICH, Dmitry; a.k.a. "LOCKBITSUPP")"

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-microsoft-ties-security-goals-to-exec-compensation/
Podcast: https://risky.biz/RBNEWS284/

-Microsoft ties security goals to exec compensation
-EU countries condemn Russia over APT28 hacks
-Hacker-for-hire suspect detained in London
-SiegedSec campaign targets far-right groups
-Another Webex leak in Germany
-City of Wichita suffers ransomware attack
-Ukraine cyberattacks Russia's Tatarstan region
-Microsoft bans LEA from using AI for facial recognition
-New US international cyberspace strategy coming at RSA

campuscodi,
@campuscodi@mastodon.social avatar

Plus:

-New EU cyber rules for electricity providers
-EU guide for PQC transition
-NATO Locked Shields 2024 concludes
-Operation PANDORA disrupts 12 scam call centers
-BTC-e boss pleads guilty
-Law enforcement teases LockBitSupp dox again
-New Android click fraud trojan
-Mal.metrica, FIN7, and Gootloader campaigns
-APT reports on HideBear and Sandworm's Kapeka
-Vuln reports in Microsoft's PlayReady DRM, the Jitsi Meet video conferencing tool
-Unpatched bug and PoC in Tinyproxy servers

campuscodi, to random
@campuscodi@mastodon.social avatar

A Prospect article argues that News of the World, a newspaper owned by Rupert Murdoch, didn't just hack the phones of celebrities and politicians to get scoops, but also stole data to help its owner's business empire commercial endeavors.

https://www.prospectmagazine.co.uk/ideas/media/phone-hacking/65891/did-the-murdoch-empire-hack-mps-for-commercial-ends

campuscodi, to random
@campuscodi@mastodon.social avatar

Please never stream on Twitch if you have a bad mic.... literally half the audio on this site is just room noise

campuscodi,
@campuscodi@mastodon.social avatar

@zl2tod

just bad mics... the amount of beard scratching, lip smacks, and fans I've heard on Twitch is giving me new fetishes

campuscodi, to random
@campuscodi@mastodon.social avatar

The details around that Outabox hack are giving me a headache

campuscodi, to random
@campuscodi@mastodon.social avatar

A REvil affiliate was sentenced today to 13 years and seven months in prison

Dayummmmm! :AAAAAA: :AAAAAA: :AAAAAA: :AAAAAA: :AAAAAA:

https://www.justice.gov/opa/pr/sodinokibirevil-affiliate-sentenced-role-700m-ransomware-scheme

campuscodi, to random
@campuscodi@mastodon.social avatar

Newsletter: https://news.risky.biz/risky-biz-news-researchers-propose-new-privacy-txt-format/
Podcast: https://risky.biz/RBNEWS282/

-Researchers propose new privacy.txt format
-FTC fines US telcos $196 million for selling location data
-Change Healthcare hacked via unprotected Citrix account
-FTC expands breach notification rules to health apps
-Most automakers don't require a warrant to share data
-UK's rip-and-replace of Chinese security cameras hits 50%
-EU to investigate Meta for failing to stop massive Russian disinfo op
-IPv4 prices go down

campuscodi,
@campuscodi@mastodon.social avatar

Plus:
-Vastaamo hacker sentenced to prison
-2.81mil malicious packages found on DockerHub
-New SecretCrow group targets South Korea with vishing
-Muddling Meerkat abuses China's Great Firewall for ops
-Investigation into Lazarus money laundering
-R vulnerable to unsecured deserialization flaws
-Google increases bug bounties for its mobile apps
-Google blocked 2.2mil bad Play Store apps
-Malware reports on Wpeeper, COSMU, Zloader, Darkgate, Cuckoo, Dagon Locker
-Infosec F1 sponsorship news (kek)

  • All
  • Subscribed
  • Moderated
  • Favorites
  • Leos
  • everett
  • magazineikmin
  • Youngstown
  • thenastyranch
  • rosin
  • slotface
  • ngwrru68w68
  • Durango
  • PowerRangers
  • kavyap
  • cisconetworking
  • tsrsr
  • DreamBathrooms
  • anitta
  • mdbf
  • tacticalgear
  • khanakhh
  • ethstaker
  • vwfavf
  • InstantRegret
  • modclub
  • osvaldo12
  • cubers
  • GTA5RPClips
  • normalnudes
  • tester
  • provamag3
  • All magazines
    •