The Oh No! news.

Oh No! News is Good News.

• Threat analysis; your attack surface.

• Article: For-Profit Companies Charging Sextortion Victims for Assistance and Using Deceptive Tactics to Elicit Payments.
  

  • Author: FBI Internet Crime Complaint Center. (2023, Apr 7).
    
  • The companies use deceptive tactics—including threats, manipulation, and providing false information—to coerce sextortion victims into paying for their services. Some of the services for which the companies charge fees, such as sending the perpetrators cease and desist orders, make victims feel better but are not legally enforceable. The companies may also attempt to discourage victims from reporting the sextortion to law enforcement. Limited reporting indicates the companies are directly or indirectly involved in the sextortion activity.
    

• Article: Former Ubiquiti dev who extorted the firm gets six years in prison.
  

  • Author: Bill Toulas. (2023, May 11).
    
  • Nickolas Sharp, a former senior developer of Ubiquiti, was sentenced to six years in prison for stealing company data, attempting to extort his employer, and aiding the publication of misleading news articles that severely impacted the firm's market capitalization.
    

• Article: Toyota: Car location data of 2 million customers exposed for ten years.
  

  • Author: Bill Toulas. (2023, May 12).
    
  • Toyota Motor Corporation disclosed a data breach on its cloud environment that exposed the car-location information of 2,150,000 customers for ten years, between November 6, 2013, and April 17, 2023.
    

• Article: Failure to comply with Bus Open Data regulations leads to financial penalty for operator.
  

  • Author: Traffic Commissioners for Great Britain. (2023, May 4).
    
  • The Traffic Commissioner for the West Midlands, Miles Dorrington, imposed a financial penalty under section 155 of the Transport Act 2000 of £1500, based on a £100 penalty for each of the vehicles authorised on the operator’s licence.
    

• Article: Criminals Pose as Chinese Authorities to Target US-based Chinese Community.
  

  • Author: FBI Internet Crime Complaint Center. (2023, Apr 10).
    
  • The FBI warns of criminal actors posing as Chinese law enforcement officials or prosecutors in financial fraud schemes targeting the US-based Chinese community. Criminals tell victims they are suspects in financial crimes and threaten them with arrest or violence if they do not pay the criminals. Criminals exploit widely publicized efforts by the People’s Republic of China government to harass and facilitate repatriation of individuals living in the United States to build plausibility for their fraud. Criminals typically call victims, sometimes using spoofed numbers to appear as if the call is from the Chinese Ministry of Public Security, one of its localized Public Security Bureaus, or a US-based Chinese Consulate. Criminals may also communicate through online applications.
    

---

• User space.

• Article: Twitter rolls out encrypted DMs, but only for paying accounts.
  

  • Author: Bill Toulas (2023, May 11).
    
  • Twitter has launched its 'Encrypted Direct Messages' feature allowing paid Twitter Blue subscribers to send end-to-end encrypted messages to other users on the platform.
    
  • The private decryption key is only stored on the sender's device and is not shared with anyone else. However, the public encryption key is shared with others who want to send you encrypted data.
    

• Article: Discord discloses data breach after support agent got hacked.
  

  • Author: Sergiu Gatlan. (2023, May 12).
    
  • Discord is notifying users of a data breach that occurred after the account of a third-party support agent was compromised.
    
  • The security breach exposed the agent's support ticket queue, which contained user email addresses, messages exchanged with Discord support, and any attachments sent as part of the tickets.
    

---

• Additional Information.
  • What is a "Data Breach"? A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen, altered or used by an individual unauthorized to do so.
    
  • What is "Malware"? Malware (a portmanteau for malicious software) is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy.
    
  • What is a "Payload"? In the context of a computer virus or worm, the payload is the portion of the malware which performs malicious action; deleting data, sending spam or encrypting data. In addition to the payload, such malware also typically has overhead code aimed at simply spreading itself, or avoiding detection.
    
  • What is "Phishing"? Phishing is a form of social engineering where attackers deceive people into revealing sensitive information or installing malware such as ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim is navigating the site, and transverse any additional security boundaries with the victim.
    
  • What is "Information Security" (InfoSec)? Information security, sometimes shortened to InfoSec, is the practice of protecting information by mitigating information risks. It is part of information risk management.
    • Information Security Attributes: Confidentiality, Integrity and Availability (C.I.A.). Information Systems are composed in three main portions, hardware, software and communications with the purpose to help identify and apply information security industry standards, as mechanisms of protection and prevention, at three levels or layers: physical, personal and organizational. Essentially, procedures or policies are implemented to tell administrators, users and operators how to use products to ensure information security within the organizations.
      
  • What is "Risk management"? Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.
    
  • What is a "Vulnerability" (computing)? Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware.
    
  • What is an "Attack Surface"? The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment. Keeping the attack surface as small as possible is a basic security measure.
    
  • What is an "Attack Vector"? In computer security, an attack vector is a specific path, method, or scenario that can be exploited to break into an IT system, thus compromising its security. The term was derived from the corresponding notion of vector in biology. An attack vector may be exploited manually, automatically, or through a combination of manual and automatic activity.
    
  • What is "Standardization"? Standardization is the process of implementing and developing technical standards based on the consensus of different parties that include firms, users, interest groups, standards organizations and governments. Standardization can help maximize compatibility, interoperability, safety, repeatability, or quality. It can also facilitate a normalization of formerly custom processes.
    • List of computer standards.
      
    • List of technical standard organizations.
      
  • What is a "Replay attack"? A replay attack is a form of network attack in which valid data transmission is maliciously or fraudulently repeated or delayed. Another way of describing such an attack is: "an attack on a security protocol using a replay of messages from a different context into the intended (or original and expected) context, thereby fooling the honest participant(s) into thinking they have successfully completed the protocol run."
    
  • What is a "Man-in-the-middle attack"? In cryptography and computer security, a man-in-the-middle, ..., attack is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, as the attacker has inserted themselves between the two parties.
    
  • What is "Transport Layer Security" (TLS)? Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.
    
  • What is a "Handshake" (computing)?. In computing, a handshake is a signal between two devices or programs, used to, e.g., authenticate, coordinate. An example is the handshaking between a hypervisor and an application in a guest virtual machine.

---

• License: Creative Commons Attribution-ShareAlike 4.0 International
  
  This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.