Attacks & Vulnerabilities
Verizon Employee Inadvertently Leaks Data of 63k Colleagues (2 minute read)
Verizon filed a data breach notification after a company employee obtained a file of 63,206 employees’ personal data. The data includes social security numbers, gender, union affiliation, date of birth, and compensation information. Verizon stated that it has no evidence that the data was used maliciously or shared outside of Verizon.
Finance Worker Pays Out $25 Million After Call With Deepfake CFO (2 minute read)
An employee at a multinational financial firm fell for a social engineer attack that led them to remit $200 million Hong Kong dollars. The employee was suspicious when they originally received the communication from the UK-based CFO but was convinced after a call with the CFO and several colleagues, who all turned out to be deepfakes.
The Risk of a Leaked Stripe API Key (5 minute read)
This post evaluates the risks of a leaked Stripe API key. It proposes 5 attack paths: disclosing PII, generating promo codes, changing prices, defacing websites, and making unauthorized wire transfers. The post ends with some best practices for protecting Stripe API keys.
Unleashing the Power of Scapy for Network Fuzzing (3 minute read)
This blog post provides instructions for installing Scapy and demonstrates its utility by using it to fuzz an FTP server. Scapy is a powerful tool for testing network and application security. It offers extensive packet manipulation capabilities and can be used to fuzz network protocols, and application-specific protocols and simulate denial-of-service attacks.
Enriching Threat Intelligence with Mappings (5 minute read)
This blog post talks about utilizing the control and security stack mappings created by the Center for Threat-Informed Defense (Center). These mappings, like NIST 800-53 Control Mappings and Security Stack Mappings for Google Cloud Platform and Amazon Web Services, enable defenders to connect threat information to actionable guidance, making it easier to detect and mitigate threats. Center is also working on expanding its collection of mappings and making them more accessible.
ResumeLooters - New Malicious Group (18 minute read)
ResumeLooters have used SQL injection and XSS since early 2023 to hit Asia-Pacific recruitment/retail sites, stealing 500K+ user records from 65 sites. The group focuses on India, Taiwan, Thailand, and Vietnam, leveraging penetration testing tools like sqlmap. It injects XSS scripts into job sites to display phishing forms and steal admin creds.
Google Contributes $1 Million to Rust (3 minute read)
Google announced a grant of $1 million to the Rust Foundation to improve interoperability between legacy C++ codebases and Rust. Google said that Rust has proactively prevented hundreds of vulnerabilities from affecting the Android operating system. Google will also begin to publish audits of some of the crates used in open source Google projects.