BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Medusa Gang Strikes Again, Hits Nearly 300 Fort Worth Property Owners
/in General NewsThough a municipal agency assures the public that few are affected, hundreds have their data held ransom for $100,000 by the ransomware gang.
darkreading – Read More
Match Systems publishes report on the consequences of CBDC implementation, led by CEO Andrei Kutin
/in General NewsBy cybernewswire
Dubai, UAE, April 10th, 2024, CyberNewsWire Match Systems, a leading authority in crypto crimes investigations and crypto AML…
This is a post from HackRead.com Read the original post: Match Systems publishes report on the consequences of CBDC implementation, led by CEO Andrei Kutin
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More
‘eXotic Visit’ Spyware Campaign Targets Android Users in India and Pakistan
/in General NewsAn active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store.
Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group. It’s tracking the group behind the operation under the
The Hacker News – Read More
Google Chrome is getting a new security feature to address memory corruption
/in General NewsThe most popular web browser is getting a bump in security with the help of what Google’s calling the V8 Sandbox.
Latest stories for ZDNET in Security – Read More
How Nation-State DDoS Attacks Impact Us All
/in General NewsGlobal organizations and geopolitical entities must adopt new strategies to combat the growing sophistication in attacks that parallel the complexities of our new geopolitical reality.
darkreading – Read More
Cagey Phishing Campaign Delivers Multiple RATs to Steal Windows Data
/in General NewsVarious anti-detection features, including the use of the ScrubCrypt antivirus-evasion tool, fuel an attack that aims to take over Microsoft Windows machines.
darkreading – Read More
AT&T Data Breach Update: 51 Million Customers Impacted
/in General NewsThe recent AT&T data breach impacts 51 million customers, the company tells the US government.
The post AT&T Data Breach Update: 51 Million Customers Impacted appeared first on SecurityWeek.
SecurityWeek – Read More
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers
/in General NewsOn April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which until very recently rendered as fedex.com in tweets.
The message displayed when one visits carfatwitter.com, which Twitter/X displayed as carfax.com in tweets and messages.
A search at DomainTools.com shows at least 60 domain names have been registered over the past two days for domains ending in “twitter.com,” although research so far shows the majority of these domains have been registered “defensively” by private individuals to prevent the domains from being purchased by scammers.
Those include carfatwitter.com, which Twitter/X will now truncate to carfax.com when the domain appears in user messages or tweets. Visiting this domain currently displays a message that begins, “Are you serious, X Corp?”
Update: It appears Twitter/X has corrected its mistake, and no longer truncates any domain ending in “twitter.com” to “x.com.”
Original story:
The same message is on other newly registered domains, including goodrtwitter.com (goodrx.com), neobutwitter.com (neobux.com), roblotwitter.com (roblox.com), square-enitwitter.com (square-enix.com) and yandetwitter.com (yandex.com). The message left on these domains indicates they were defensively registered by a user on Mastodon whose bio says they are a systems admin/engineer. That profile has not responded to requests for comment.
A number of these new domains including “twitter.com” appear to be registered defensively by Twitter/X users in Japan. The domain netflitwitter.com (netflix.com, to Twitter/X users) now displays a message saying it was “acquired to prevent its use for malicious purposes,” along with a Twitter/X username.
The domain mentioned at the beginning of this story — fedetwitter.com — redirects users to the blog of a Japanese technology enthusiast. A user with the handle “amplest0e” appears to have registered space-twitter.com, which Twitter/X users will now see as the CEO’s “space-x.com.” The domain “ametwitter.com” already redirects to the real americanexpress.com.
Some of the domains registered recently and ending in “twitter.com” currently do not resolve and contain no useful contact information in their registration records. Those include firefotwitter[.]com (firefox.com), ngintwitter[.]com (nginx.com), and webetwitter[.]com (webex.com).
The domain setwitter.com, which Twitter/X will currently render as “sex.com,” redirects to this blog post warning about the recent changes and their potential use for phishing.
Sean McNee, vice president of research and data at DomainTools, told KrebsOnSecurity it appears Twitter/X did not properly limit its redirection efforts.
“Bad actors could register domains as a way to divert traffic from legitimate sites or brands given the opportunity — many such brands in the top million domains end in x, such as webex, hbomax, xerox, xbox, and more,” McNee said. “It is also notable that several other globally popular brands, such as Rolex and Linux, were also on the list of registered domains.”
The apparent oversight by Twitter/X was cause for amusement and amazement from many former users who have migrated to other social media platforms since the new CEO took over. Matthew Garrett, a lecturer at U.C. Berkeley’s School of Information, summed up the Schadenfreude thusly:
“Twitter just doing a “redirect links in tweets that go to x.com to twitter.com instead but accidentally do so for all domains that end x.com like eg spacex.com going to spacetwitter.com” is not absolutely the funniest thing I could imagine but it’s high up there.”
Krebs on Security – Read More
Beware: GitHub’s Fake Popularity Scam Tricking Developers into Downloading Malware
/in General NewsThreat actors are now taking advantage of GitHub’s search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware.
The latest assault on the open-source software supply chain involves concealing malicious code within Microsoft Visual Code project files that’s designed to download next-stage payloads from a remote URL,
The Hacker News – Read More
Researchers Resurrect Spectre v2 Attack Against Intel CPUs
/in General NewsVUSec researchers resurrect Spectre v2 attack, showing that it works against the Linux kernel on the latest-generation Intel CPUs.
The post Researchers Resurrect Spectre v2 Attack Against Intel CPUs appeared first on SecurityWeek.
SecurityWeek – Read More