A New Kind of Phishing Attack - ThreatWire
- Published on 13 Jun 2024
- ⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️
Support ThreatWire → / threatwire
@endingwithali →
Twitch: / endingwithali
Twitter: / endingwithali
TH-cam: / @endingwithali
Everywhere else: links.ali.dev
If you want to help Ali with her research project email her at endingwithaliresearch@gmail.com
→ Please include (1️⃣) the size of your company and (2️⃣) what your company does.
[❗] Join the book club on Patreon→ / threatwire
0:00 Intro
0:08 - New Kind of Phishing Attack
1:01 - Latrodectus
3:24 - Discord DOS
3:53 - Unsupported NAS devices left Vulnerable
6:03 - OUTRO
LINKS
🔗 Story 1: New Kind of Phishing Attack
- lutrasecurity.com/en/articles...
🔗 Story 2: Latrodectus
- www.darkreading.com/threat-in...
- www.darkreading.com/cyber-ris...
- www.proofpoint.com/us/blog/th...
- thehackernews.com/2024/04/wat...
🔗 Story 3: Discord DOS
- / 1777199692184498257
🔗 Story 4: Unsupported NAS devices left Vulnerable
- supportannouncement.us.dlink....
- github.com/netsecfish/dlink
- www.computerworld.com/article...
- www.neowin.net/news/ten-years...
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong. - Science & Technology
You've grown into your role really well. You certainly come across as much more confident compared to when you started Threatwire. You're doing great!
Haven’t watched since she started, still a little tough but this one was important today.
All women are QUEENS
@@JohnPeter-yf5jf what happened to Shannon?
@@annnooon8455 That's what I was wondering too. Looks like Shannon has parted away from Hak5.
@@annnooon8455 Shannon left due to health issues.
She still posts on her channel.
You can find her final episode where she discusses her departure in the Nov 7 2023 ThreatWire.
Of course Micro$hit just marks a bug as resolved without actually taking action.
Why? The only thing shitty is its flaws like viruses it can get. Best option? Buy a client oem and ask network administrator with ISP to do that dual boot if your phone is compatible with. Client OEM devices sound a lot like Motorola or Verizon or metro would do
Yeah that was the weirdest line like, okay that technique for a device compromise is "solved" as in we know how it works (yay microsoft wowee) but we ain't doing anything.
My rule is I never click anything in an email unless it's a password reset I know I just initiated.
I think if your IOT product holds important customer data it should absolutely be patched regardless of how long it's been.
Or at the very least, when support is ended it should be cut off from the manufacturer's cloud and only work locally.
I agree.. like Fail Secure / Fail Closed
Maybe open sourcing the software so someone else will fix it would make sense?
@@billmiller4800 Open sourcing abandonware would be an absolute dream
Data can be traced but can be removed from your iot devices, iasae devices. Etc he who can think like a hacker can prevent one from attack another person. 😮😅😉 Just remember that each motif can have a long term affect or effect or both? You be the judge of the that.
When you're a one man NOC, sometimes you gotta play for both the teams. (No homo)
Thanks for all the work putting this together.
Where's the rest of the info on the phishing attack?
How does hiding elements result in a phishing attack anyway?
Is there a CVE?
Suggestions for the laymen?
Definitely the last request! TIA😊
The CSS can change what the email says after it detects that it has been forwarded because an email that has been forwarded has been offset. It could be programmed to notice that, then change what the text says based on that. The scheme was to trick the first recipient to forward the email. Next, the email changes the text to something "malicious" like sending money as the article used as an example. In the long run, it appears that the email was forwarded from your boss (because it was) and says to send money. You ask your boss to confirm he sent you an email, and he says that he has indeed sent an email. He did not know you meant an email to send money. He thought you meant the innocent email which may have only said "forward this to (person 2) because I do not know his email address" but the text was changed by the CSS after detecting the format change due to being forwarded. Hopefully you understand now, and this isn't too long.
@@gabethedog4043 Thanks!
00ppLl. DQzpq v
Thank you
Informative as always, thanks!
ooff. If I ever have hardware bricked by an update. I will never buy that brand again.
You and your team are doing great! Thank you for this valuable info
D-Link says FU to its customers. I say FU to D-Link.
Fu dlink are words to live by
Who buys D Link?
@@DinoNucci Obviously, many people do, as per Ali's report.
@@BobCollins42 why
D-Link & WD Security patches either don't work as claimed or don't manifest lately...
Always interesting and informative, thank you! Stay safe!
Good job! Thanks for the helpful content!
Shared! Thank you!
Thanks for the video
Appreciate the info
Okay, so this is my favorite video so far, 100% at every point of it. Ready for the next one.
Interesting name. Latrodectus is a genus of spiders, including Black Widow. (L. Mactans)
Another great episode.
Love the smile and dimples 😊 thanks for the info
For the nas exploit they could just release their firmware to the public, so the open source community can do something about it!
Imagine a car company telling their customers that their vehicles are designed to last 5 years, because that's when the warranty expires; at the end of 5 years, customers should take their vehicles to the junkyard and sell it as scrap. Then the customer should return to buy the next round of vehicles, also with a 5 year lifespan. This is what D-Link is telling their customers.
Worse, the manufacturer created the issue by including default logins and passwords, which is an industry norm to AVOID at all costs. Yet, D-Link says to their customer base - toss it in the trash, and come buy something new instead. Folks, it's time to NEVER buy a D-Link device, even to include an unmanaged switch, or a cable; vote with your money and send it anywhere but D-Link.
Wait Sonos never did that iirc. They simply split the systems into v1 and v2 so newer devices could only be grouped with newer devices and vice versa
I believe she was referring to Sonos's "Recycle Mode" that bricked old speakers and was required to enable for Sonos's trade-up program to get a discount.
Edit: clarification
@@oxoboo hmm yea. True that. But that was opt-in. It was basically a trade-in, but without actually sending the hardware to them. So essentially it's the same thing. You 'trade-in' aka disable your old hardware and get the discount
Wrong
After eol/eos, release the source code and schematics....
In D-Link's case, it would have meant that hackers would have gained access to the devices much earlier; default logins and passwords are always a bad thing; usually a sign of a company that does not give a crap about security, just selling product, abandoning it when it stops making money, then selling more new product just as long as they can make a dime.
People should steer clear of D-Link products. Their approach to security and how it sees its customer base is abhorrent.
I just have one question about the oldest episodes of the threatwire. Where are they?
HTML in EMAIL was a mistake bros.
heavy going with lots of big words. simple layman's terms with what to do/not to do would help my seriously cluttered mind. happy saturday
It's a balance because there's technical folk who want some details and more layman level of knowledge who just want to know what to do for protection.
This is interesting! Stay aware!
Always keep your emails safe
Thanks for another good video!
Just remember that awareness of these things matter so you can prevent another attack.
Grow with you, no problemo. Occasionally late, we'll eagerly wait for you all.
But no PUPPY?!?! HOW COULD YOU DO THIS TO US?!?! 😜
The puppy thing is a great attachment like a call of duty attachment lol 😂 anywho she should hired by metro
I'm not sorry but Will be a better pet next time 😂
WAT!?
Kingphisher is a campaign awareness like what a ciso does
It's very annoying these situations exist. Although the public can't top this we can be more careful in the selection of products we choose to use. We need to strive to not choose products that are D-Link to a bad experience. 😅
❤ excellent content 👍🏻
if a company is going to EOL/EOS a hardware product, then they should release the software and firmware so owners at least have the option to maintain them on their own.
Why does D-Link not make the EOL/EOS firmware available to the Open Source community?
Why would people make fun of the name Ally Diamond? That's not even a weird name...
Smart company. Gets attractive women to present technical information.
dlink attitude to security is the reason I won't buy any more of their products. hard coded creds warrant an update if out of support because of the stupidity of the vendor to include one
Mr Potato Head... Mr Potato Head back doors are not secret and they should know it
In the end, just build your own NAS.
Dlink has had a horrible reputation since....forever? at least 2005?
2 points for the War Games quote ~Darren
Yeah hardcoded creds are an invite for compromise. And they're usually unbelievably easy, short and predictable. Probably didn't even need to bruteforce it with a program lol
You're kicking ass. I'm glad Hak5 is continuing with Threatwire and I'm glad you're taking it over. Wish you the best in this role. Ignore the haters, for haters will only hate.
Nice tablecloth
You go grrl!
6:21 please validate me
Honestly, even if D-link released a patch, the type of person who is exposing an EoL device's management interface (or ANY device really) directly to the internet isn't going to update it anyways, and probably will never even hear about this CVE.
Lutra link is broken
Noob now subbed and hit the bell
🔗 Story 1: New Kind of Phishing Attack
link does not work!
fixed - ali
Sub’d- great info and delivery!
never trust ppl that forward email
2:00 have them install JavaScript?
What is she even talking about? I'm lost!!
I'm cool with threatwire
It was major issue in the world 🌍 "email attack"
🙋🏻♂️ startup 💎 2 man team 1️⃣ customer 😏 but he’s paying all the bills 🙌🏼
It's always hard when doing something new so it's ok. You will get more comfortable with news delivery as time goes by.
Keep up the good work, guys.
Shalom.
Great work! Ignore bad comments, embrace useful criticism and focus on the positive ones, tough for us humans to do but it helped me quite a bit. Keep on rocking!
Many creators suggest not reading the comments. Kinda defeats the purpose of commenting, though. Maybe hire someone to proof the comments, remove the negative, overly critical and childish ones? Although you've no need to worry about them. You're doing great. Thx and keep it up! 😊
Those dimples
Still permission denied because of passkeys
Burberry, how decadent.
Where's Shannon?
It's kind of scary nearly 1 mil people subscribe to hak5.
It started off well.
@@blookollawhat what is she declining or something
D-Link needs to pull their socks up; do they really like to be supporting hackers? I've always used TP-Link anyhow.
Dlink is horrible as usual. Great work Ali!
That’s ridiculous that forces people to upgrade all their hardware. Sounds like you don’t want to buy D-link…lol just Dlink their product.
👽☠️👾
No Ali Diamond sound so cool
Cicada3301 good actors
thumbs up on that dress
thumbs up! like the beerrrrrrr beerrry
…..I can’t….
4 years is a joke for eol, it should be 15 years at least
Good work Ali
HTTP, OR HTTPS?
Something is off with the transcoding. Not complaining about the 720P choice, but should not have this many artifacts.
You’re doing fine.
Lesson to learn here, never buying any D-Link devices knowing how insecure they are just after a few years..
Try and catch and patch your services
I'm not even in cyber security stuff but I'm here for her cute dimples
God made so beautiful people
The fact D-Link won't just release a patch makes me never want to buy another D-Link product again.
Also I just noticed you got the cutest dimples ever.
You’re great! Keep it up
she's so adorable and informative. thank you, threat-wire as always.
I think you're a good presenter, no complaints!
PizzA
Hey, looking good, love your golf vids
🪥
RIP SOPHIE
Why on earth do people forget or have never come across w3c or w3school?
While I'm still looking for a job atm, throughout my learning on Tryhackme, Hackthebox, portswigger (so far), some books and studying for my Sec+ exam I don't think it has ever been mentioned.
Perhaps once but not in enough detail to remember. I've heard of the IEEE and IANA, but not w3c, there's sooooo much info in learning the fundamentals of the web/software/different OS'/networking/Active Dir/cloud/back-end & front-end, cyber-security, coding...
Obvs I know you don't need to be proficient in all these areas, but the amount of information is mind boggling. It's so easy to miss stuff that more experienced people assume you would run across.
Your cool new snubs remember the old phrase "trust your techno lust" and my favorite " drink all the booze hack all the things"🖖🖖🤘🤘🤘🤟
new snubs LMAOOOOO
You cool, please continue
Ignore the haters, idk why anyone would make fun of your name. My driving instructor's last name was Diamond and it was pretty kewl! Anywho, keep up the great work.
I'm done with D-Link. Clearly they are not on the side of consumers.
they always done this crap, they used type words with misspelling as well.
D-fective link
What happened to Shannon?
I'm interested to know myself, just out of curiosity
Cloud C2 rem fix eol nas server cve
I miss Snubs 😢
We all do a lil.
What happened? I quit paying attention for a lil over a year, maybe 2 and now everyone is gone.
Nothing ruins a beautiful girl like fake body parts. That lip filler….
_No dog with me this week_ *Unsubscribes*
show us ur linux skills
“iTs ThE pENgUiN”
Hey Ali. You're cute. We're going to have to figure out a means to cryptographically send each other our numbers here soon.
lol 4yr out of date while windows xp still running on a network somewhere
takeaway, once again, Don't Install Java on your machine. LOL