No webinars this week, but some fun articles!
- The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15 – Most Americans have very little choice but to provide their personal information to credit bureaus. Hackers have found a way into that data supply chain, and are advertising access in group chats used by violent criminals who rob, assault, and shoot targets.
- IBM Whitepaper: Cost of a Data Breach 2023 – IBM’s 2023 installment of their annual “Cost of a Breach” report has brought up some interesting trends such as the average cost of a breach rose once again to $4.45 million, increasing 15% over the last three years. It also has an industry-specific focus and breakdown of breaches.
- Hacking device Flipper Zero can spam nearby iPhones with Bluetooth pop-ups – Thanks to a popular and relatively cheap hacking tool, hackers can spam your iPhone with annoying pop-ups prompting you to connect to a nearby AirTag, Apple TV, AirPods, and other Apple devices.
- W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts – “The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16 other fully customized tools for business email compromise (BEC) attacks,” Group-IB said in a report shared with The Hacker News.
- ASUS routers vulnerable to critical remote code execution flaws – Three critical-severity remote code execution vulnerabilities impact ASUS RT-AX55, RT-AX56U_V2, and RT-AC86U routers, potentially allowing threat actors to hijack devices if security updates are not installed.
- It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy – Machines that, because of their all those brag-worthy bells and whistles, have an unmatched power to watch, listen, and collect information about what you do and where you go in your car.
- Thousands of dollars stolen from Texas ATMs using Raspberry Pi – A Texas court has heard how last month a gang of men used a Raspberry Pi device to steal thousands of dollars from ATMs.
- Smashing Security 338: Catfishing services, bad sports, and another cockup
TryHackMe – SOC Level 1: Splunk Basics, Incident Handling with Splunk – Complete