August 30, 2022
David Redekop

This Week In Nerd News August 29, 2022

TWINN 87 A Breach that Amplifies

DNA amplification is amazing. It is like putting five sheets of paper into a photocopier and getting it to produce one million copies when it only had five to begin with. This can be used for good and it can be used for evil.

This notion of amplification exists in the world of security as well. Nation-state espionage, for example, when done successfully, has this property of amplification. And in general, if you compromise a target high up in the food chain, the amplification can be quite large.

This was amplified from the original Twilio breach:

Roasting 0ktapus: The phishing campaign going after Okta identity credentials.

The phishing campaign used 169 unique domains, and the process is really not complicated, as this has been standard smishing practice for some time. The good news is that this can be protected against even before knowing about a campaign.

Multi-factor authentication (MFA) is often implemented as a form of enterprise identity security to protect organizations against credential theft, dictionary attacks, and brute force techniques. But what if MFA is intercepted by a fraudster? In the cyber arena, where there is a continuous arms race with offensive and defensive strategies trying to outcompete each other, techniques that overcome MFA have existed for some time. In this blog, we share the techniques that utilize surprisingly simple tools that were used to overcome enterprise identity access management (IAM) and conduct supply chain attacks.

Read More: Roasting 0ktapus: The phishing campaign going after Okta identity credentials

iOS Lockdown Mode detection test proof of concept.

Interestingly, the Lockdown Mode setting can be detected by a web server! Talk about an unintended tracking side effect!

Read More: iOS Lockdown Mode detection test proof of concept (requires the use of Safari in Lockdown Mode)

Plex imposes password reset after hackers steal data for >15 million users.

Intruders were able to access personal information for the majority of its 30 million users.

Streaming media platform Plex on Wednesday said it was hacked by intruders who managed to access a proprietary database and make off with password data, usernames, and emails belonging to at least half of its 30 million customers.

“Yesterday, we discovered suspicious activity on one of our databases,” company officials wrote in an email sent to customers. “We immediately began an investigation and it does appear that a third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords.”

Read More: Plex imposes password reset after hackers steal data for >15 million users

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug.

As per Zack Whittaker’s summary: “Hackers are exploiting a zero-day bug in a popular General Bytes bitcoin ATM by targeting its crypto application server that allows an attacker to create an admin user. Using that admin account, the attacker can modify its settings and swap out a cryptocurrency wallet under their control. Sneaky!”

Hackers have exploited a zero-day vulnerability in General Bytes Bitcoin ATM servers to steal cryptocurrency from customers.

When customers would deposit or purchase cryptocurrency via the ATM, the funds would instead be siphoned off by the hackers.

General Bytes is the manufacturer of Bitcoin ATMs that, depending on the product, allow people to purchase or sell over 40 different cryptocurrencies.

Read More: Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug

SpaceX and T-Mobile plan to connect mobile phones to satellites, boost cell coverage.

No more dead spots. While bandwidth will only be 2-4Mbits per cell zone, that is sufficient for calling and texting just about anywhere in the world when it launches!

U.S. wireless carrier T-Mobile US Inc will use Elon Musk-owned SpaceX’s Starlink satellites to provide mobile users with network access in parts of the United States, the companies announced on Thursday, outlining plans to connect users’ mobile phones directly to satellites in orbit.

The new plans, which would exist alongside T-Mobile’s existing cellular services, would cut out the need for cell towers and offer service for sending texts and images where cell coverage does not currently exist, key for emergency situations in remote areas, Musk said at a flashy event on Thursday at his company’s south Texas rocket facility.

Read More: Musk’s SpaceX and T-Mobile plan to connect mobile phones to satellites, boost cell coverage

Did you know?

There is The Cybersecurity Color Wheel, describing various security teams: red, blue, yellow, purple, orange, green, white. In small organizations, we need to wear all hats. Which one are you primarily?
