Nov 14 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter thatโs forgotten more about cybersecurity than David Cameron knows about running the country (at home or away!) #HesBack ๐๐๐
Todayโs hottest cybersecurity news
๐ Heartbreakers! Scumbag scammer tricks OAP into selling home
๐จโ๐ป Hackers fake Google forms quizzes to perform scandalous scams ๐ฟ
๐ฅ U.S. healthcare in turmoil thanks to breaches via ScreenConnect ๐ฅ๏ธ
Linda thought she found love online with "Mr Bravo," who claimed to be a military serviceman. As their bond grew, Mr Bravo requested huge sums of money, leading Bemis to sell her home share and car, totaling $60,000! ๐ฑ
๐ต๏ธโโ๏ธ Shocking Twist:
Mr Bravo is Lisa Miller! ๐ฑ Miller, claiming innocence, rerouted her IP address to Nigeria. Arrested on fraud and theft charges, she now faces serious penalties. ๐ก
๐ Homeless and Heartbroken:
Bemis warns, "Be careful! Before you know it, you can become a victim just like that." ๐
๐ฎโโ๏ธ Police Caution:
Sergeant Brian Schnell urges vigilance. Scammers are out thereโprotect yourself and your loved ones! ๐ก๏ธ
๐ Stay Informed:
Update as of November 10โLisa Miller found guilty, awaiting sentencing. Justice prevails! โ๏ธ
Let's spread awareness and stop scams together! Share this cautionary tale with your friends and family. ๐ค
Cybersecurity is more important than ever, and your Mac or PC are no exception. Over time, your Mac or PC can accumulate junk files, malware, and other threats that can slow it down and make it vulnerable to attack.
That's where MacPaw comes in. MacPaw offers a suite of easy-to-use apps that can help you clean, optimize, and secure your Mac. With MacPaw, you can:
Remove junk files and malware to free up space and improve performance
Protect your privacy by erasing sensitive data
Optimize your startup settings to speed up boot times
Manage your extensions and apps to keep your Mac or PC running smoothly
Since 2008 MacPaw is trusted by over 30 million users worldwide, and it's the perfect solution for keeping your Mac or PC safe and secure.
๐ Researchers warn of rising crypto spam! Scammers leverage Google Forms' "Release scores" to deliver emails, tricking victims into crypto investments or sharing personal details.
๐ฉโ๐ป How it Works:
Spammers exploit Google Forms, using any email to complete quizzes. After submission, they activate "Release scores," sending customised emails from victims' Google accounts, increasing delivery chances.
๐ Sample Scam:
Subject: "Score released: Balance 1.3320 BTC." Clicking redirects to a fake form, prompting email confirmation.
Victims led to an external link, urged to activate accounts with Bitcoins worth $46,000. Live chat assistance makes it convincing. Final step: pay a '0.25%' exchange fee or $64 via QR code.
๐ฏ Google Features Targeted:
This follows Google's warning of threat actors using its Calendar service for malicious activities. A tool called Google Calendar RAT exploited event descriptions for covert communication.
๐ก๏ธ Stay Informed:
As scams evolve, organisations must update on IoCs and block malicious indicators. ๐ซ Be cautious, share awareness, and protect yourself from cunning cybercriminals! ๐
๐ย The Motley Fool: โFool me once, shame on โ shame on you. Fool me โ you can't get fooled again.โ Good olโ George Dubya ๐ Let us tell whoโs not fooling around though; thatโs the Crรผe ๐ at Motley Fool. Youโd be a fool (alright, enough already! ๐) not to check out their Share Tips from time to time so your savings can one day emerge from their cocoon as a beautiful butterfly! ๐ Kidding aside, if you check out their website theyโve actually got a ton of great content with a wide variety of different investment ideas to suit most budgets ๐คย (LINK)
๐ตย Wander: Find your happy place. Cue Happy Gilmore flashback ๐๏ธโณ๐๐๏ธ Mmmm Happy Placeโฆ ๐ So, weโve noticed a lot of you guys are interested in travel. As are we! We stumbled upon this cool company that offers a range of breath-taking spots around the United States and, honestly, the website alone is worth a gander. When all you see about the Land of the free and the home of the brave is news of rioting, looting and school shootings, itโs easy to forget how beautiful some parts of it are. The awe-inspiring locations along with the innovative architecture of the hotels sets Wander apart from your run of the mill American getaway ๐๏ธ๐ย (LINK)
๐ย Digital Ocean: If you build it they will come. Nope, weโre not talking about a baseball field for ghosts โพ๐ป๐ฟ (Great movie, to be fair ๐). This is the Digital Ocean whoโve got a really cool platform for building and hosting pretty much anything you can think of. If you check out their website youโll find yourself catching the buzz even if you canโt code (guilty ๐). But if you can and youโre looking for somewhere to test things out or launch something new or simply enhance what youโve got, weโd recommend checking out their services foโ sho ๐ And how can you not love their slogan: Dream it. Build it. Grow it. Right on, brother! ๐ฟย (LINK)
๐ Security researchers uncover a concerning trend as threat actors exploit ScreenConnect, a remote access tool, to target healthcare organisations, including Transaction Data Systems (TDS).
๐ Who's Affected:
TDS, a pharmacy supply chain solution in all 50 states, faces attacks on local ScreenConnect instances. Managed security platform Huntress identifies attacks on two healthcare organisations, indicating ongoing reconnaissance for potential escalation.
โ ๏ธ Attack Details:
Between Oct 28 and Nov 8, 2023, hackers employ consistent tactics, downloading a payload named text.xml. This file loads Metasploit attack payload Meterpreter into system memory, evading detection using non-PowerShell methods.
๐ป Compromised Endpoints:
Windows Server 2019 systems of a pharmaceutical and healthcare organisation, both linked by ScreenConnect instances. The tool instals additional payloads, executes commands, transfers files, and attempts to create new user accounts for persistent access.
๐ Connection to TDS:
ScreenConnect instance tied to 'rs.tdsclinical[.]com' domain, associated with TDS. It's unclear if TDS suffered a breach, had compromised credentials, or faced a different exploit.
๐จ Urgent Action Needed:
Huntress attempts to notify TDS (now 'Outcomes') after a merger last summer go unanswered. Healthcare entities urged to stay vigilant, update security measures, and collaborate to thwart cyber threats. ๐ค๐๐
Every few weeks, we carefully select three hot newsletters to show you. Reputation is everything, so any links we share come from personal recommendation or carefully researched businesses at the time of posting. Enjoy!
The GeekAI: A daily 3 min newsletter on what matters in AI, with all the new AI things coming to market its good to stay ahead of the curve.
Libby Copa:ย The Rebel Newsletter helps writers strengthen their writing and creative practice, navigate the publishing world, and turn their art into an act of rebellion.
Techspresso:ย Receive a daily summary of the most important AI and Tech news, selected from 50+ media outlets (The Verge, Wired, Tech Crunch etc)
Let us know what you think!
So long and thanks for reading all the phish!