Last decade of #infosec in a tweet:
China is hacking everyone
Russia is hacking everyone
North Korea is hacking everyone
Israel is hacking everyone
US is hacking everyone
IoT is hacking everyone
Old exploits are hacking everyone
...And still no one patched their shit
HEY #INFOSEC!!!!!!! @Namecheap is now responding to takedown responses over Twitter. Please do the internet a solid and pass ANY malicious domains you have over to them. Thanks everyone!!!!
Good! If you only knew how many years (3) I have tried to find a security contact at Apple to help out with gift card fraud.
That's what you get for not wanting to help people out, Apple.
Incident response is cool and all, but have you ever heard of incident prevention? It's this thing where companies listen to professions and secure their organizations BEFORE a hack happens.
Proactive > Reactive.
The latest numbers are out from IC3, and it's a doozy. Not only did #BEC cause over 33x the damages of reported corporate data breaches, the top 6 crimes by losses mostly tie back to Nigerian fraud.
FFS, now can we start to care about #BEC? Please?
For those looking at the #Vault8 stuff...
1. Download zip archive
2. make new directory, copy .git folder to there
3. cd to new directory
4. git reset --hard master
5. Hopefully saved you some time. ;)
Three years ago we launched a mailing list to fight #BEC, and today are launching a TLP:White Slack chat to help combat this type of fraud. If you do nothing else, please share and re-tweet this to the moon. Come help and join the fight!
If you told 12 year old me that he would be in a book, he would have told you that you were crazy. Super humbling to have made @TribeOfHackers blue team!
Hey @TwitterSupport, how about we try and do something like, I don't know...not allow new accounts in the name of known celebrities?
I'm literally using your own tool to find the bots. And there's hundreds of these. And I expect to see a write up on these identified accounts.
I rarely post personal stuff on the Twitter's, but my wife wanted to redo my office from the boring white. This is what I get to look at every day now!!!
Just uncovered a #BEC attack where they modified the CC addresses with the look-alike domain.
Seriously ya'll, I've seen less-sophisticated #APT attacks. Ya'll really need to start taking #BEC seriously, or else I will "I told you so" one day. And really I don't wanna do that.
@RealSexyCyborg I'm so offended by this picture. They depict the cowgirl drinking Bailey's, but everyone knows that cowgirls' drink of choice is beer or whiskey. :P :P :P
Did you know that there are actually #Nigerians who are doing amazing work, are fighting the #YahooBoys, and are doing what they can to build a better Nigeria? :)
With @Cofense
(1/5) Personally I've been a quiet observer of @MalwareTechBlog over the last several years, watching the news, arrests, tweets, support, not support, ban him, and everything else in between. It's both interesting and insane on how divided #infosec can be at times.
I have a bot that re-tweets everything POTUS says with "Dear Diary" added to the beginning (creds to @mzbat for the idea). I love angry deleted tweets that get re-posted hours later as if they were new
#GoogleYourself
When you've been in pain for the last 4 months, change your diet, start exercising, lose almost 35 pounds, aren't in pain anymore, and finally get an (almost) clean bill of health from the doctor to keep doing what you're doing.
Pic very related. Take THAT gallbladder.
@SwiftOnSecurity @briankrebs People are so upset about ransomware, but when you look at the financial losses, emotional abuse, lives lost on all fronts, and the fact that we're now fighting ideology problems and not cyber problems....it really sucks articulating the hurt some days. :-/
Tracy is talking about how a government official was on a train, left his laptop, and she was able to fully identify name, division, and what part of USG he worked for.
Don't be fooled: this is what an APT looks like. :)
@InfoSecSherpa I used to do massive posts about the IC3 report but this year I don't have the energy. #BEC was the top crime 7 years in a row and for the last two pig butchering has been top. We knew scammers were pivoting and with all of the warnings we're still here today. Something's gotta
I have seen SO MUCH BURNOUT in infosec over the last 6 months it isn't even funny. You can't help anyone if you don't watch out for your own health.
And I'm talking from experience on this one. Don't burn out like Ronnie did. :)
Ransomware groups did not take their normal holidays over the pandemic, leaving many infosec professionals burnt out.
Happy to hear Dr. Lockwood emphasizing the need for rest for physicians and health workers, but you all need it too.
Take your PTO.
Another day, another scam victim. Today's vic is 1.7 mil down and wanted to commit suicide. Took second mortgages out on his houses.
He said he'll be starting back at less than zero. Spend 2 hours waiting for LE only to get 5 minutes with an officer to go "I'm..." 1/n
Holy crap, and look who hit the number one spot for most financial losses not once, not twice, but THREE YEARS IN A ROW!!!!!!!!!!!!!!!!!!!!!!!!!!!!! PARTY TIME!!!!!!!!!!!!!!!!!! 🥳🥳🥳🥳🥳🥳🥳🥳🥳🥳🥳
Hey @elonmusk, now that you're the Twitter bot overlord, can you please take these fake accounts out? I tried for two months and got nowhere with @TwitterSupport.
There's hundreds of these.
Yep, we are back with another one!
@iHeartMalware will be joining #CyberStarters23 as a speaker.
He's a Principal Threat Advisor for @cofense. He collaborates with law enforcement on top crimes in the world.
You still won't get your tickets?
With how bad #Ransomware is right now, the amount of losses we have seen on the Nigerian fraud side is unfortunately mountains (billions) more loss and damages than most realize. And this isn't me going "my crime is bigger than yours"...
Alright...now that it's officially official guess who's giving a 2 hour #BEC workshop at #Defcon @BlueTeamVillage? THIS GUY!!!! Make sure to make sure to mark your calendars and come say hi!! Saying that I'm beyond stoked would be an understatement.
@SwiftOnSecurity And to add to this, actors on all sides (Russian, North Korea, etc.) have used gift cards to skirt sanctions and launder money.
Great work, Apple.
Officially updating my resume. I have no idea what this next adventure will be but I'm thinking fire. Lots and lots of fire.
Fueled by the rage of a thousand scam victims.
@InfoSecPS Absolutely none of us have our shit together, and if someone says they do they're lying. Or just don't know they don't have their shit together.
I did get to speak with him and talk him off the bridge, so as it stands he's in a better head space. He's obviously pissed at the current status quo but is ready to fight the scammers.
Because from his experience... no one else wants to right now.
We. Need. More. Help.
@LitMoose
- It doesn't have to be written in <insert popular language> if it works.
- KNOW how cat / grep / awk / sed / wc work. Seriously, know it like the front, back, and freckles on your hands.
- If you don't know, ask. The only dumb question is the unanswered one.
Travel protip: have to iron a shirt in the morning? Grab a washcloth or towel and iron that first. Irons can sit for a while in a hotel and rust, and it's better to get that rust on a washcloth than a nice shirt. Pic related, saved a shirt.
We have known about Punchmade Dev for at least two years. And there are dozens of rappers just like him.
And zero arrests.
Security researcher who tracks clowns like this, AMA about why more isn't being done. :-/
@deviantollam The funniest thing is that torrenting went down for such a long time, because prices and content were fair. Now that prices are going back up, everyone is like "yeaaaa getting my content other ways."
A lot of you see me rambling about how #NigerianFraud and #BEC works, but I rarely tell the story publicly of how we got here. That story started as an idea and mailing list 6 years ago, and boy have we covered some ground.
Here's that story.
So this is a pretty big upgrade for me and I'm super excited to share this one. I've been editing so many videos lately that I purchased my own copy of Davinci Resolve, which came with a speed editor. Ronnie officially levels up today to create more video content!!!!!
@cantcomputer Mostly frugal / only getting what I (personally) need. Obsessively researching a device to ensure I only have to buy one and not waste? You bet. Feeling guilty for spending that money and picturing all of the other things that could be purchased? Yuuuup.
Calling all #infosec #cooks. If you cook and have a recipe you want to share...please share! Last call! Current goal is to have version 1 printed for Blackhat and Defcon. :D
@mzbat
@TheDevilsVoice
Last night @JimSycurity asked me if there was a #BEC playbook. I tried to write a few notes, but ended up finishing the playbook around 2 AM.
Why drop everything and write the playbook? Because Business Email Compromise HAS to stop.
Getting back to work after an extremely stressful Christmas, including 20 days of COVID and wife having to call the EMTs on me due to COVID complications.
As crazy as it sounds, it feels good to be able to sit at a desk again. But I'm back ya'll, snarky as ever. :)
And @Namecheap, I'm flagging some folks privately, so expect a bunch of domains to (hopefully) come across the internet.
My recommendation: take the intel and use those as pivot points to find related fraud domains. That will literally clean up the internet tomorrow!!! :D :D :D