Another crazy week in the Cyberz. This is my recap of the last week worth of fun (and not) related to the world of cyber. To get updates more often, subscribe to my blog or follow me on twitter.
This has been formatted in Reddit markdown so inline images are gone. To see it in all it's glory, CLICK HERE
I'll be down by Ft. Lauderdale Thursday and Friday while speaking at the South Florida ISSA Conference
. If you are around and want to meet up for a cold one, let me know. I'm just going to start with Vault 7
I mean, really, how could I not? On Tuesday WikiLeaks dropped a bomb
on the infosec world (perhaps the world in general) when they published roughly eleventy-trillion pages of data related to CIA offensive cyber capabilities. It's full of 0-days and different vulnerabilities/hack with fun little names like "SnowyOwl" and "Weeping Angel". For example, Weeping Angel can use Samsung Smart TVs to covertly record audio conversations. If/when it's confirmed that this is really a legit CIA info dump (which it appears to be), it won't be pleasant. As it is, a lot of people int he US Government are probably creating new grey hair and ulcers at this very moment. I am not going to try to analyze the whole dump, but I will say that some of this stuff is a bit spooky. Just remember, Don't Blink! Over 1 Biiiiiiiiilion email addresses exposed by spammers misconfigured backups
Karma is a bitch. River City Media screwed up their Rsync configs
and accidentally backed up their data to an internet-facing server, exposing all of the data where it was discovered by Chris Vickery
, a security researcher for MacKeeper. He contacted the authorities and relevant orgs to help shut down the infrastructure. Hopefully that 1.3 billion records, some containing home addresses and IP's, don't drop in to the hands of other spamming orgs. Time will tell TorrentLocker (aka Cryptolocker) is back and farming credentials as well.
After taking some time off, Cryptolocker appears to be back
in a very aggressive campaign, and it has some new 'features'. It's sent via Word docs with a PowerShell script, infects and spreads via shared files, and it's also grabbing credentials as well. Right now it appears to be targeting Europe, especially Italy, but we need to keep our eyes open regardless of where we live. 16 Senators and Staff In Pennsylvania Locked Out Of Their Systems By Ransomware
This happened to the Pennsylvania Senate Democratic Caucus
on Friday and the website is still down
as of the time of this post on Wednesday evening. This can't be a fun day over there. As of Friday, Pennsylvania Democrats spokeswoman Stacey Witalec said, “At this point we are working with Microsoft to see where we’re at.”
Odds are, it was a phishing email some poor unsuspecting staffer clicked on. This is a good time to take them from unsuspecting, to a healthy level of paranoia by training them about the threat. Dot ransomware - Coming soon to a network near you
I've mentioned Raas (Ransomware as a Service) before, but it's really starting to show some growth potential. The "Dot" RaaS strain
is currently being advertised on the dark web, so we can expect to see it hitting pretty soon. This one is a zero money down, profit-sharing strain with a 50/50 split. Expect more of this sort of thing to start rolling out in the near future. If it remains profitable, it will continue to grow. Eyes Open Aussies - ASIC phishing email is spreading Cryptolocker It looks like it's hitting folks this morning
(Monday), so keep an eye open for it. Cryptolocker attacks have been on the rise lately
and are wreaking some havoc with new "features". Stay sharp out there! Shamoon 2 May Get a Ransomware Feature and StoneDrill Hides in Memory
This is a good read from DarkReading
. In summary, Shamoon was Sha-sleep for quite Shum time (You see what I did there, right?) but returned last year to harass some folks in the Middle East. It is typically deployed as data wiping malware, but it seems as if the developer realized that there can be money in adding a ransomware feature in version 2. While it's not in the wild yet, it's a lesson that malware devs are starting to see the value in coding a ransomware option in to what they are already distributing.
Also, StoneDrill is injecting itself into the memory process of the user's browser and doing a good job of ducking under sandbox radars. It appears to share code with NewsBeef and/or Charming Kitten APTs which are generally affiliated with Iranian State-Sanctioned options. Currently these are still focused on the Middle East, but it appears at least one European org has been infected with it. Mystery Shopper Email Scams - Yeah, They Still Happen
It's important that we help educate others that these scams do still happen. Lower income, unemployed and retired people are especially prone to this sort of scam. It sounds like easy money, and even appeals to the undercover 007 type in most of us, but it can do a number on your bank account.
Key thing to remember is, if someone sends you a check and asks you to send the change, it's a scam. This doesn't matter if it's a car purchase on ebay or craigslist, or anything else, don't do it. Checks can take a long time to clear, or be found to be fake, and you are held holding the bag.
Mystery shopping is the SCAM OF THE WEEK
here at KnowBe4, and there is some good info on what to look for, and something you can copy/paste for friends and family. Check it out. W2 Scams are off the charts right now
This week was just stupid, so I'm going to just group them together Yet Another W2 Breach - 2,400 at Autoneum North America Inc.
Sadly the Swiss company disclosed about 2,400 employees W2's
to scammers. The employees were in Jeffersonville, Indiana; Oregon, Ohio; Bloomsburg, Pennsylvania; and Aiken, South Carolina; and at its North American headquarters in Farmington Hills, Michigan. At least 1 employee already found their taxes having been filed by the scammers. Daytona State College W2 Breach
Hundreds of current and former employees could be affected by the breach
, although they are being very vague on how it happened. Gee, I wonder, could it possibly be a W2 phishing scam? Go figure. Yukon Public Schools Hit With Data Breach
And again I find myself reporting on a W2 scam. This time, It's Yukon Public Schools
that fell for a phishing scam and emailed W2's to scammers. Superintendent Dr. Jason Simeroth said the email looked like it was sent from him, then later in the story it was mentioned that it was spoofed from an AOL email address. Really? AOL in this day and age? This is twice today I have heard of people using AOL email. I really thought it was dead.
Kids, today's lesson is, if you are handling sensitive information or transferring money, you might want to pick up the phone BEFORE you hit send. Just sayin. Groton Public Schools - Yet Another W2 Scam Victim
This is really getting stupid. School after school are sending the teacher's W2 to scammers. Groton Public Schools
in Connecticut is the focus of this post. You know, because teachers don't have enough to deal with, what with miniature humans eating the all of the paste and creating mayhem by the truckload. Glastonbury, CT Public Schools Hit By W2 Scam
Another day, another district reporting a breach
. This time it was Glastonbury Public Schools who did it. It was everyone but the food service personnel (the district appears to know enough NOT to mess with the folks that handle their food). How does anyone in the school systems not know about this scam already? Sheesh! Tyler Independent School District Falls For W2 Scam
From Tyler, TX. They found out about it on Wednesday
. I like that they are taking steps though, as the district said they will "continue and improve upon our information security awareness and training programs for all employees." Good, comprehensive awareness training IS how you combat this 1 Bitcoin is worth more than an ounce of gold
Pretty crazy that this unregulated vapor-currency is worth more than gold isn't it? AWESOME PICTURE Gas Pump Tamper Alarm May Have Foiled Skimmer Install
I am glad to see the new pumps have tamper alarms and that they may actually work. This one was an issue pretty close to home in Ocala, FL
The tamper alarm went off and the clerk checked it out, possibly spooking a few guys that were acting weird. We need more of this sort of thing happening. #MHN, #kippo and #Dionaea still cooking along. Now to capture binaries...
So, I've been playing with Kippo and Dionaea using the Modern Honey Network (MHN) tool and having some fun with it. At this point, I'm going to reload my Kippo box at home and deploy it with Dionaea as well rather than WordPot. I like being able to see the different types of attacks on FTP and HTTP, but I'm having some trouble with the config.
Currently, FTP will make a connection, but fails to send a directory listing. Likewise, I am not capturing any binaries right now. I tried making the folder wide open (777 & nobody:nogroup) but still no luck. If you have any ideas, let me know please. I want to start playing with captures. In the meantime, my pew pew map is about done collecting sources now. Few of the attacks come from a new place now. Pew pew map Attacks on various services
While binary options are used in a theoretical framework as the building block for asset pricing and financial derivatives (a binary option maps to the cumulative distribution function of the risk-neutral distribution), they have been exploited by fraudulent operations as many binary option outlets (outside regulated markets) have been shown to be scams. If they are right, the binary options they purchase will increase in value to $100. If they are wrong, their binary options will be worth $0. Therefore, one only has to get a single yes or no question right to make money off of a binary options trade. If one buys a binary option for $25, then they can either lose $25 or make $75 for each binary option they purchase. This is only one of the many, many binary options trading software scams out there, claiming to make you win a decent amount of your trades in the binary options market. They claim you don’t need any type of experience as well as no knowledge of what you will be doing. The software will do it all for you. But, They’re Different Binary options are gambling, plain and simple. I'm sorry to say, that money is gone, they are not obliged to help you and any "trading advice" is covered by a million disclaimers saying they are not responsible, you are. I hope you have success with s75, but I would be surprised. How can I get scammers to email me? This includes all spheres - binary options, shop scams, ebay scams etc etc? 11 comments. share. save hide report. 80% Upvoted. This thread is archived . New comments cannot be posted and votes cannot be cast. Sort by. best. best top new controversial old q&a. level 1. Deathsbrood13. 6 points · 2 years ago. Go to any platform and either look for ads that are ... A binary options trading platform brand of HF Markets (Europe) Ltd, OptionTrade was set up in 2013 to provide traders of binary options with “…a cutting-edge trading environment” and the opportunity to earn up to 85%. With the state of the Gen 2 SpotOption trading platform, OptionTrade is able to offer its clients unrivalled trading experience and a diverse range of contracts such as 60 ... More specific to binary option videos is that person is most likely a marketer and they have.in the end, we are happy to say that we have detected no signs of any tr binary options scam. Iq option review 2017.recensioni su iq option migliori bonus recensione onesta.trading finance is. Is iq option a scam 0 honest review pro trader reveals the truthread this first and. Il broker iq option offre ... They are called binary options because there can only be 2 outcomes - either you get your payout, or lose your money. Each option has a predetermined expiration date and an agreed payout. For example, if you decide to buy a "call" Binary Option on Bitcoin this means you think the price will rise. If at the stated expiration date the price was higher than what you've bought it at, you get your ... Binary Options Scams; Forex Trading Scams; Cryptocurrency Scams; Other Common Scams; Contact Us. Contact Us; Press Inquiries; Partner with Us; Yes, Scammers Do Get Caught. Not all scammers are pros. Some scammers do get caught. The most common questions scam victims ask when they contact us at MyChargeBack may very well be these: 1. Do scammers get caught? 2. Do police ever arrest them? 3 ... Binary options auto trading is quite famous among both professional and young online investors.Yet, many of them try to get the opinions of the market leaders towards it. As a lack of financial literacy and opposing views in the trader’s network lead to the doubts of the effectiveness of these trading bots.
Binary options are essentially “bets” as to whether the value of an asset will increase or decrease in a fixed (and often very short) period of time. They are typically offered through online ... Should I Trade Binary Options? Are They a Scam? // Binary options trading reviews Strategy Options trading 101 Want more help? Contact me at davidmoadel @ gmail . com Plenty of stock / options ... Hi everyone I would like to show you the biggest cheater binary options broker on the market. Its name is anyoption.com They have several tools to steal your... Hi Friends i no have good experience with Opteck binary option its all i explain ready if you have any question ask me Shah +639495702504. Binary options trading good or bad Discover is binary options trading good or bad, and earn upto 80% return on investment per month without doing anything. Fund the broker account and give access ... Beware of Cedar Finance ( Cedarfinance.com ) Based on reviews and testimonials on multiple websites it's obvious that they are a scam. The safest way to trade binary options is with a fully EU ... Scams related to Binary Options are very common these days, due to the major popularity of these Digital Options. Brokers pop up over night, being there for the reason to Scam traders. You should ... Start learning here: http://www.FTSBinaryCurriculum.com This video is part of a new awareness campaign that I'm starting, can't believe I'm actually going to... Ultimate4Trading Review Scam or Legit Binary Options Trading Ultimate4trading works by calculating the trend of stock markets and heps to predict how the price of the market will behave on a ... Binary options are not a scam, but you should be on the lookout for these three metrics when you eventually decide to trade binary options. First, you must ensure that you trade in a regulated ...