Dec 28 2023
Welcome to Gone Phishing, your daily cybersecurity newsletter that hopes the scammers are as unsure of which day of the week it is and whether we should have a drink or stick another movie on 🙃🥱😂 #discombobulated
Today’s hottest cybersecurity news stories:
🏠 Real estate firm (likely Goyzer) exposes 640k customers’ data 📁
🎮 Video game legend Ubisoft investigate alleged data breach! 🕵️‍♂️
☠️ Meet Bandook, the ransomware scam that keeps on scamming 👨‍💻
In a recent investigation, an exposed database containing sensitive information for a Customer Relationship Management (CRM) system, likely owned by Goyzer—a real estate property management software maker—was discovered.
👀 Data’s Mongone
The leaked data, including names, emails, phone numbers, and scanned documents, was accessed through a publicly exposed MongoDB database that lacked a password. The database, now closed, held over 100K links with scanned documents from Goyzer's domain.
🌍 The affected customers were based in Dubai, and the total exposed individuals number around 690,000. The leaked data poses a significant risk of identity theft, phishing, and financial fraud.
🔒 Always prioritise robust security measures! 🔒
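A quick check for the two settings behind an exposure like the one described above, as an added example that is not from the original newsletter or from Goyzer. It assumes a self-managed mongod with a YAML mongod.conf; the page does not say how the affected database was configured, and both sample configs are constructed.

```python
# Constructed sample configs (not taken from the incident).
EXPOSED = """\
net:
  port: 27017
  bindIp: 0.0.0.0
"""
HARDENED = """\
net:
  port: 27017
  bindIp: 127.0.0.1,10.0.0.5
security:
  authorization: enabled
"""


def parse_sections(text):
    """Parse the two-level 'section: / key: value' subset of YAML used in mongod.conf."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments and trailing spaces
        if not line.strip():
            continue
        key, _, value = line.strip().partition(":")
        if not line[0].isspace():                 # unindented line opens a section
            section = conf.setdefault(key.strip(), {})
        elif section is not None:                 # indented line is a setting
            section[key.strip()] = value.strip().strip("\"'")
    return conf


def audit(text):
    """Return findings for the two conditions behind an open MongoDB instance."""
    conf = parse_sections(text)
    net = conf.get("net", {})
    findings = []
    # security.authorization defaults to disabled when it is not set.
    if conf.get("security", {}).get("authorization") != "enabled":
        findings.append("no-auth: access control is off, clients need no password")
    # net.bindIp defaults to localhost; 0.0.0.0, :: or bindIpAll bind every interface.
    binds = {b.strip() for b in net.get("bindIp", "localhost").split(",")}
    if net.get("bindIpAll") == "true" or binds & {"0.0.0.0", "::"}:
        findings.append("exposed: mongod listens on every network interface")
    return findings


if __name__ == "__main__":
    for name, text in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(text) or "ok")
```

Either finding alone is worth fixing; the two together are what make a database readable by anyone who can reach the port.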
Despite attempts to contact Goyzer for comment, there has been no response as of now.
In a separate incident, cybersecurity researcher Jeremiah Fowler uncovered an unprotected database associated with Estate Wealth Network, containing a massive 1.16 terabytes of data, including real estate ownership details of celebrities and politicians.
👉 Stay vigilant, protect your data, and watch out for potential scams! 👀
Ubisoft, the renowned video game publisher, is currently probing reports of a potential data breach following evidence shared by prominent researchers vx-underground.
On December 20, 2023, an unknown threat actor allegedly accessed Ubisoft's infrastructure for 48 hours. Administrators took swift action to lock them out upon discovery.
The breach's origin remains unclear, but the attackers unsuccessfully attempted to steal user data from the popular game R6 Siege.
🌐 Ubisoft, a key player in the gaming industry, is recognized for blockbuster franchises like Assassin’s Creed and Rainbow Six Siege across various platforms.
Threat actors claim access to Ubisoft's Microsoft Teams, Confluence, and SharePoint, with plans to exfiltrate a whopping 900GB of stolen data.
This incident echoes a previous cyber security event in March 2022, where Ubisoft faced a significant impact on games and services. The Lapsus$ extortion gang asserted responsibility, claiming a breach and internal data exfiltration.
In a related event in October 2020, the Egregor ransomware gang targeted Ubisoft after hitting game developer Crytek.
🚨 Stay tuned for updates as Ubisoft addresses this latest security concern! 🚨 🎮🔒
🔒 Affected Platforms: Microsoft Windows
👤 Impacted Users: Microsoft Windows Users
🌐 Impact: Remote attackers can gain control of infected systems
🦠 Bandook Malware Update: A new variant of the Bandook malware has emerged, identified by FortiGuard Labs. This remote access trojan, active since 2007, has now been detected in a PDF file distributed in October. The PDF contains a malicious shortened URL leading to a password-protected .7z file. Once extracted, the malware injects its payload into msinfo32.exe.
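The first stage described above is a PDF carrying a shortened URL, which a mail or file gateway can triage before anyone clicks. The following is an added example, not code from the newsletter or from FortiGuard Labs: it pulls link targets out of uncompressed PDF objects and flags shortener hosts. The shortener list and the sample PDF bytes are constructed assumptions, and links stored inside compressed object streams need decompressing first.

```python
import re
from urllib.parse import urlparse

# Assumed list of URL-shortener hosts; extend it for your environment.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "is.gd", "cutt.ly", "rebrand.ly"}

# Link actions look like: /URI (https://host/path) in uncompressed PDF objects.
URI_RE = re.compile(rb"/URI\s*\(((?:\\.|[^\\)])*)\)")

# Constructed sample: two link annotations, one pointing at a shortener.
SAMPLE_PDF = (
    b"%PDF-1.7\n"
    b"1 0 obj << /Type /Annot /Subtype /Link "
    b"/A << /S /URI /URI (https://bit.ly/EXAMPLE) >> >> endobj\n"
    b"2 0 obj << /Type /Annot /Subtype /Link "
    b"/A << /S /URI /URI (https://www.example.org/help) >> >> endobj\n"
    b"%%EOF\n"
)


def extract_uris(pdf_bytes):
    """Return every /URI target found in the raw bytes, in document order."""
    uris = []
    for match in URI_RE.finditer(pdf_bytes):
        # Drop the backslash from escaped characters such as \( and \).
        raw = re.sub(rb"\\(.)", rb"\1", match.group(1))
        uris.append(raw.decode("latin-1"))
    return uris


def shortened_links(pdf_bytes):
    """Return the link targets whose host is a known URL shortener."""
    hits = []
    for uri in extract_uris(pdf_bytes):
        host = (urlparse(uri).hostname or "").lower()
        if host.startswith("www."):
            host = host[4:]
        if host in SHORTENERS:
            hits.append(uri)
    return hits


if __name__ == "__main__":
    for link in shortened_links(SAMPLE_PDF):
        print("shortened link in PDF:", link)
```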
🔍 What's at Risk?
Names, emails, and phone numbers
Scanned documents: receipts, checks, contracts, and IDs
👾 Potential Threats:
🔐 Protection Tips:
Always use robust security measures.
Update your antivirus software regularly.
📊 Technical Insights:
Registry keys control payload behaviour.
Bandook uses fewer control codes for more precise tasks.
C2 communication involves various commands for file manipulation, registry changes, downloads, and more.
👁️‍🗨️ Keep an Eye Out! 👁️‍🗨️ Safeguard your data, stay alert, and be on the lookout for possible scams! 🛡️
So long and thanks for reading all the phish!