This Week In Nerd News #87 - A Breach That Amplifies

Roasting 0ktapus: The phishing campaign going after Okta identity credentials.

169 unique domains were used for the phishing campaign and really not a complicated process as this has been a smishing standard for some time. The good news is, this can be protected from even before knowing about a campaign.

Multi-factor authentication (MFA) is often implemented as a form of enterprise identity security to protect organizations against credential theft , dictionary attacks, and brute force techniques. But what if MFA is intercepted by a fraudster? In the cyber arena, where there is a continuous arms race with offensive and defensive strategies trying to outcompete each other, techniques that overcome MFA have existed for some time. In this blog, we share the techniques that utilize surprisingly simple tools that were used to overcome enterprise identity access management (IAM) and conduct supply chain attacks.

Plex imposes password reset after hackers steal data for >15 million users.

Intruders were able to access personal information for the majority of its 30 million users.

Streaming media platform Plex on Wednesday said it was hacked by intruders who managed to access a proprietary database and make off with password data, usernames, and emails belonging to at least half of its 30 million customers.

“Yesterday, we discovered suspicious activity on one of our databases,” company officials wrote in an email sent to customers. “We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords.”

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug.

As per Zack Whittaker’s summary: “Hackers are exploiting a zero-day bug in a popular General Bytes bitcoin ATM by targeting its crypto application server that allows an attacker to create an admin user. Using that admin account, the attacker can modify its settings and swap out a cryptocurrency wallet under their control. Sneaky!”

Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers.

When customers would deposit or purchase cryptocurrency via the ATM, the funds would instead be siphoned off by the hackers

General Bytes is the manufacturer of Bitcoin ATMs that, depending on the product, allow people to purchase or sell over 40 different cryptocurrencies.

SpaceX and T-Mobile plan to connect mobile phones to satellites, boost cell coverage.

No more dead spots. While bandwidth will only be 2-4Mbits per cell zone, that sufficient for calling and texting just about anywhere in the world when it launches!

U.S wireless carrier T-Mobile US Inc will use Elon Musk-owned SpaceX’s Starlink satellites to provide mobile users with network access in parts of the United States, the companies announced on Thursday, outlining plans to connect users’ mobile phones directly to satellites in orbit.

The new plans, which would exist alongside T-mobile’s existing cellular services, would cut out the need for cell towers and offer service for sending texts and images where cell coverage does not currently exist, key for emergency situations in remote areas, Musk said at a flashy event on Thursday at his company’s south Texas rocket facility.