Welcome to Gone Phishing, your daily cybersecurity newsletter that protects you against cyberthreats a hell of a lot better than the U.S. government protects its hurricane-stricken citizens ⛈️🌪️🚣♀️👨🏻🦳🏌😡😥 #Helene #Milton Sending love to our friends & readers across the pond ❤️❤️❤️
Patch of the Week! 🩹
First things first, folks. Our weekly segment goes by many names. Patch of the Week, Tweak of the week. Okay, that’s it… 😳
Congrats to Qualcomm, the cybercriminals are no match… for your patch! 🩹
Check out this freshly hatched patch 🐣
Qualcomm it took you so long? 😏
🚨 Qualcomm Issues Critical Security Patches – Update Now! ⚠️
Qualcomm has rolled out updates fixing nearly two dozen vulnerabilities, including CVE-2024-43047 (CVSS 7.8), a bug under active exploitation in the wild! ⚡
This high-severity flaw in the Digital Signal Processor (DSP) Service could lead to memory corruption and is already being targeted, likely in spyware attacks aimed at civil society. Qualcomm urges OEMs to deploy the patch ASAP! 🔧📱
Another major issue addressed is CVE-2024-33066 (CVSS 9.8), a critical WLAN flaw that could also cause memory corruption. Google’s Project Zero and Amnesty International Security Lab helped flag these threats. 🚨💥 Qualcomm joins Google’s October Android bulletin, tackling vulnerabilities from Imagination Technologies, MediaTek, and Qualcomm. 🌐🔐
Now, on to this week’s hottest cybersecurity news stories:
- 👨🏽💻 N. Korean hackers are tricking developers w/ fake job interviews 👔
- 🌐 Microsoft: Beware of file hosting services in business email attacks 🗃️
- 😈 Lua-based malware cheats would-be cheaters with fake gaming cheats 🎮
Korea criminals strike again! 🚀
🚨 North Korean Hackers Target Tech Job Seekers! 👔
💼 Job interviews or cyber traps? Be aware! North Korea-linked hackers are targeting tech job seekers through fake interviews to spread malware. 🎯 The malicious campaign, named Contagious Interview, was first exposed by Palo Alto Networks' Unit 42 in late 2023.
📩 How It Works
Hackers pose as employers on job platforms, offering interviews to unsuspecting software developers. They trick victims into downloading malware disguised as coding assignments. 🖥️ The first stage of the attack instals BeaverTail, a downloader targeting both Windows and macOS. This then loads InvisibleFerret, a Python-based backdoor.
🦊 Sneaky Techniques!
The hackers continue their attacks despite being exposed, as their tactics remain effective. They use fake video conferencing apps to spread malware—now using the Qt framework for cross-platform infection. BeaverTail can steal browser passwords and cryptocurrency wallet data! 💳💻
🔍 What's Next?
These hackers haven't changed much about their strategy because it works! The malware can steal from 13 different cryptocurrency wallets, likely making this a financially motivated campaign to fund the North Korean regime. 🕵️♂️
Stay vigilant, especially if you're a developer seeking new opportunities—fake interviews might be more than just a bad offer. 🔒
It’s the file hostess with the mostest (malware) 👾
🚨 Beware: Cybercriminals Exploit Trusted File Services! 🗃️
🛑 Microsoft warns of a new wave of attacks targeting enterprise users by abusing trusted file-hosting services like SharePoint, OneDrive, and Dropbox. These platforms are being used as sneaky tools to bypass security defences and carry out phishing and Business Email Compromise (BEC) attacks.
🎯 What’s the Goal?
Cybercriminals are using legitimate internet services (LIS) to trick users into sharing sensitive info, leading to financial fraud, data theft, and attacks on other systems. They’ve coined this technique Living-Off-Trusted-Sites (LOTS), which takes advantage of widely trusted platforms to escape detection.
📧 The Phishing Tactic
Here's how it works: A phishing email directs a user to a "view-only" file on a trusted service like OneDrive. To access it, the user must log in with their email and a one-time password (OTP). Clicking on the link redirects them to a phishing page, where attackers steal login credentials and even two-factor authentication (2FA) tokens. 🔑💻
💼 Business Email Compromise
Once inside, attackers use the stolen credentials to launch BEC scams, aiming for financial gain. These scams often involve impersonating trusted vendors or partners, tricking companies into making fraudulent payments.
🛠️ Phishing-as-a-Service (PhaaS)
Attackers are also using Mamba 2FA, a phishing kit sold for $250/month, allowing cybercriminals to steal credentials and bypass 2FA using tools like Telegram bots. 📲
Stay alert, especially when accessing shared files. Cyber attackers are getting smarter—don’t get caught in their net! 🔒
Would-be cheaters! Don’t be Lua’d in 👀
🚨 Gamers Beware: Fake Cheats Deliver Dangerous Malware! 🎮
👾 Gamers looking for cheats are falling into a cyber trap! Attackers are using fake cheat sites to trick users into downloading Lua-based malware, capable of infecting systems and delivering harmful payloads. 🦠
🕹️ How It Works
Cybercriminals target student gamers searching for cheat engines like Solara and Electron, using fake websites to distribute malicious files. The malware, hidden in ZIP archives hosted on GitHub, includes a Lua compiler and script designed to compromise your system by communicating with a command-and-control server to download more malware like RedLine Stealer.
🔐 Staying Hidden
This malware uses obfuscated Lua scripts to avoid detection, making it easier to fly under the radar. Once installed, it can establish persistence, hide processes, and even download additional payloads, putting your system—and data—at serious risk.
💻 What's the Damage?
Attackers use infostealers like RedLine to collect credentials and sell them on the dark web, potentially leading to more sophisticated attacks. Crypto investors are also being targeted, with malware replacing cryptocurrency wallets and silently mining coins. 💰
👾 Stay safe and avoid downloading cheats from unverified sources. Cybercriminals are lurking, ready to turn your gaming habits into their next payday! 💥
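A triage sketch for the delivery described above, added here as an example and not taken from the original newsletter or any vendor report: it flags a ZIP that bundles a Lua runtime binary together with obfuscated-looking text. The file names, sample contents and thresholds are assumptions made for illustration, and a runtime with its version banner stripped would not match.

```python
import io
import math
import zipfile
from collections import Counter

MAX_READ = 16 * 1024 * 1024  # per-member read cap, so a zip bomb cannot exhaust memory

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; encoded blobs score higher than readable source."""
    counts, n = Counter(data), len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values()) if n else 0.0

def looks_obfuscated(text: bytes, entropy_limit=5.5, max_line=2000) -> bool:
    """Heuristic with assumed thresholds: one huge line or high byte entropy."""
    longest = max((len(line) for line in text.splitlines()), default=0)
    return longest > max_line or shannon_entropy(text) > entropy_limit

def triage_zip(blob: bytes) -> dict:
    """Report Lua runtime binaries and obfuscated-looking text bundled together."""
    runtimes, obfuscated = [], []
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                data = fh.read(MAX_READ)
            if data[:2] == b"MZ":  # PE file; Lua/LuaJIT builds embed a version banner
                if b"Lua 5." in data or b"LuaJIT" in data:
                    runtimes.append(info.filename)
            elif b"\x00" not in data and looks_obfuscated(data):
                obfuscated.append(info.filename)
    return {"lua_runtimes": runtimes, "obfuscated_text": obfuscated,
            "suspicious": bool(runtimes and obfuscated)}

def build_zip(members: dict) -> bytes:
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed samples: file names and contents are invented for illustration.
FAKE_RUNTIME = b"MZ" + b"\x00" * 64 + b"Lua 5.1 Copyright (C) Lua.org, PUC-Rio"
ESCAPED = b'local s="' + b"".join(b"\\%03d" % (i * 37 % 256) for i in range(900)) + b'"'
PLAIN = b'print("hello")\nfor i=1,3 do print(i) end\n'
SUSPECT_ZIP = build_zip({"loader.exe": FAKE_RUNTIME, "config.txt": ESCAPED})
BENIGN_ZIP = build_zip({"lua.exe": FAKE_RUNTIME, "main.lua": PLAIN})
print(triage_zip(SUSPECT_ZIP)["suspicious"], triage_zip(BENIGN_ZIP)["suspicious"])
```

A hit is a reason to quarantine the archive and look closer, not a verdict: legitimate Lua tools also ship a runtime next to scripts, which is why the check requires the obfuscation signal as well.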
🗞️ Extra, Extra! Read all about it! 🗞️
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
- 🛡️ Tl;dr sec: Join 30,000+ security professionals getting the best tools, blog posts, talks, and resources right in their inbox for free every Thursday 📅
- 💵 Crypto Pragmatist: Crypto made simple. Actionable alpha in 5 minutes, 3x a week. Join 47,000+ investors and insiders, for 🆓
- 📈 Bitcoin Breakdown: The best in Bitcoin, carefully curated by an alien from the future 👾
So long and thanks for reading all the phish!