A New Kind of Phishing Attack

A New Kind of Phishing Attack - ThreatWire

Рет қаралды 54,758

Күн бұрын

⬇️ OPEN FOR LINKS TO ARTICLES TO LEARN MORE ⬇️
Support ThreatWire → / threatwire
@endingwithali →
Twitch: / endingwithali
Twitter: / endingwithali
KZfaq: / @endingwithali
Everywhere else: links.ali.dev
If you want to help Ali with her research project email her at endingwithaliresearch@gmail.com
→ Please include (1️⃣) the size of your company and (2️⃣) what your company does.
[❗] Join the book club on Patreon→ / threatwire
0:00 Intro
0:08 - New Kind of Phishing Attack
1:01 - Latrodectus
3:24 - Discord DOS
3:53 - Unsupported NAS devices left Vulnerable
6:03 - OUTRO
LINKS
🔗 Story 1: New Kind of Phishing Attack
- lutrasecurity.com/en/articles...
🔗 Story 2: Latrodectus
- www.darkreading.com/threat-in...
- www.darkreading.com/cyber-ris...
- www.proofpoint.com/us/blog/th...
- thehackernews.com/2024/04/wat...
🔗 Story 3: Discord DOS
- / 1777199692184498257
🔗 Story 4: Unsupported NAS devices left Vulnerable
- supportannouncement.us.dlink....
- github.com/netsecfish/dlink
- www.computerworld.com/article...
- www.neowin.net/news/ten-years...
____________________________________________
Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning educational podcasts, leading pentest gear, and inclusive community - where all hackers belong.

Пікірлер: 168

@AQDuck 2 ай бұрын

I think if your IOT product holds important customer data it should absolutely be patched regardless of how long it's been. Or at the very least, when support is ended it should be cut off from the manufacturer's cloud and only work locally.

@ishmaelmusgrave 2 ай бұрын

I agree.. like Fail Secure / Fail Closed

@billmiller4800 2 ай бұрын

Maybe open sourcing the software so someone else will fix it would make sense?

@AQDuck 2 ай бұрын

@@billmiller4800 Open sourcing abandonware would be an absolute dream

@KDR911KO 2 ай бұрын

Data can be traced but can be removed from your iot devices, iasae devices. Etc he who can think like a hacker can prevent one from attack another person. 😮😅😉 Just remember that each motif can have a long term affect or effect or both? You be the judge of the that.

@user-ew9cf1fv4l 2 ай бұрын

When you're a one man NOC, sometimes you gotta play for both the teams. (No homo)

@zephyfoxy 2 ай бұрын

Of course Micro$hit just marks a bug as resolved without actually taking action.

@KDR911KO 2 ай бұрын

Why? The only thing shitty is it's flaws like viruses it can get. Best option? Buy a client oem and ask network administrator with ISP to do that dual boot if you're phone is compatible with. Client OEM devices sound alot like Motorola or Verizon or metro would do

@secinject814 2 ай бұрын

Yeah that was the weirdest line like, okay that technique for a device compromise is "solved" as in we know how it works (yay microsoft wowee) but we ajn't doing anything. My rule is I never click anything in an email unless it's a password reset I know I just initiated.

@Jack-qj2pr 2 ай бұрын

You've grown into your role really well. You certainly come across as much more confident compared to when you started Threatwire. You're doing great!

@JohnPeter-yf5jf 2 ай бұрын

Haven’t watched since she started, still a little tough but this one was important today.

@xxxxzzzzz5943 2 ай бұрын

All women are QUEENS

@annnooon8455 2 ай бұрын

@@JohnPeter-yf5jfwhat happened to Shannon?

@HyperMakes 2 ай бұрын

@@annnooon8455That's what i was wondering too. Looks like Shannon has parted away from Hak5.

@WhyOOWhenCanOOIIO 2 ай бұрын

@@annnooon8455 Shannon left due to health issues. She still posts on her channel. You can find her final episode where she discusses her departure in the Nov 7 2023 ThreatWire.

@stevenpugh5412 2 ай бұрын

Thanks for all the work putting this together.

@ducodarling 2 ай бұрын

Where's the rest of the info on the phishing attack? How does hiding elements result in a phishing attack anyway? Is there a CVE? Suggestions for the laymen?

@garicrewsen1128 2 ай бұрын

Definitely the last request! TIA😊

@gabethedog4043 2 ай бұрын

The CSS can change what the email says after it detects that it has been forwarded because an email that has been forwarded has been offset. It could be programmed to notice that, then change what the text says based on that. The scheme was to trick the first recipient to forward the email. Next, the email changes the text to something "malicious" like sending money as the article used as an example. In the long run, it appears that the email was forwarded from your boss (because it was) and says to send money. You ask your boss to confirm he sent you an email, and he says that he has indeed sent an email. He did not know you meant an email to send money. He thought you meant the innocent email which may have only said "forward this to (person 2) because I do not know his email address" but the text was changed by the CSS after detecting the format change due to being forwarded. Hopefully you understand now, and this isn't too long.

@OneWildTurkey 2 ай бұрын

@@gabethedog4043 Thanks!

@squarefpvsmind 2 ай бұрын

00ppLl. DQzpq v

@MyEyeOnAi 2 ай бұрын

Thank you

@BobCollins42 2 ай бұрын

D-Link says FU to its customers. I say FU to D-Link.

@SimonGreen85 2 ай бұрын

Fu dlink are words to live by

@DinoNucci 2 ай бұрын

Who buys D Link?

@BobCollins42 2 ай бұрын

@@DinoNucci Obviously, many people do, as per Ali's report.

@DinoNucci 2 ай бұрын

@@BobCollins42 why

@Ottomanmint 2 ай бұрын

D-Link & WD Security patches either don't work as claimed or don't manifest lately...

@dunce_cap 2 ай бұрын

Informative as always, thanks!

@spirit.canada 2 ай бұрын

You and your team are doing great! Thank you for this valuable info

@stuxed 2 ай бұрын

Shared! Thank you!

@wilgarcia1 2 ай бұрын

ooff. If I ever have hardware bricked by an update. I will never buy that brand again.

@RidinWithMyLocsOn 2 ай бұрын

Always interesting and informative, thank you! Stay safe!

@solarwind907 2 ай бұрын

Good job! Thanks for the helpful content!

@briianhebert 2 ай бұрын

Thanks for the video

@zainuddinbrahim4625 2 ай бұрын

Appreciate the info

@MatthewCallier 2 ай бұрын

Another great episode.

@pehden 2 ай бұрын

Okay, so this is my favorite video so far, 100% at every point of it. Ready for the next one.

@niallflynn1833 2 ай бұрын

After eol/eos, release the source code and schematics....

@MrPir84free 2 ай бұрын

In D-Link's case, it would have meant that hackers would have gained access to the devices much earlier; default logins and passwords are always a bad thing; usually a sign of a company that does not give a crap about security, just selling product, abandoning it when it stops making money, then selling more new product just as long as they can make a dime. People should steer clear of D-Link products. Their approach to security and how it sees its customer base is abhorrent.

@David_998 2 ай бұрын

Love the smile and dimples 😊 thanks for the info

@justforyounl7388 2 ай бұрын

For the nas exploit they could just release there firmware to the public, so the open source community can do something about it!

@jamescarroll6954 2 ай бұрын

Interesting name. Latrodectus is a genus of spiders, including Black Widow. (L. Mactans)

@zer0r00t 2 ай бұрын

Wait Sonos never did that iirc. They simply split the systems into v1 and v2 so newer devices could only be grouped with newer devices and vice versa

@oxoboo 2 ай бұрын

I believe she was referring to Sonos's "Recycle Mode" that bricked old speakers and was required to enable for Sonos's trade-up program to get a discount. Edit: clarification

@zer0r00t 2 ай бұрын

@@oxoboo hmm yea. True that. But that was opt-in. It was basically a trade-in, but without actually sending the hardware to them. So essentially it's the same thing. You 'trade-in' aka disable your old hardware and get the discount

@DinoNucci 2 ай бұрын

Wrong

@Stephanie3XL 2 ай бұрын

heavy going with lots of big words. simple layman's terms with what to do/not to do would help my seriously cluttered mind. happy saturday

@secinject814 2 ай бұрын

It's a balance because there's technical folk who want some details and more layman level of knowledge who just want to know what to do for protection.

@DNETREAPER 2 ай бұрын

Thanks for another good video!

@mrmiyagi5 2 ай бұрын

HTML in EMAIL was a mistake bros.

@adonaiblackwood7172 2 ай бұрын

This is interesting! Stay aware!

@infinitivez 2 ай бұрын

Grow with you, no problemo. Occasionally late, we'll eagerly wait for you all. But no PUPPY?!?! HOW COULD YOU DO THIS TO US?!?! 😜

@KDR911KO 2 ай бұрын

The puppy thing is a great attachment like a call of duty attachment lol 😂 anywho she should hired by metro

@KDR911KO 2 ай бұрын

I'm not sorry but Will be a better pet next time 😂

@DinoNucci 2 ай бұрын

WAT!?

@innerfire369 2 ай бұрын

I just have one question about the oldest episodes of the threatwire. Where are they?

@jordanyoung1836 Ай бұрын

Always keep your emails safe

@MrPir84free 2 ай бұрын

Imagine a car company telling their customers that their vehicles are designed to last 5 years, because that's when the warranty expires; at the end of 5 years, customers should take their vehicles to the junkyard and sell it as scrap. Then the customer should return to buy the next round of vehicles, also with a 5 year lifespan. This is what D-Link is telling their customers. Worse, the manufacturer created the issue by including default logins and passwords, which is an industry norm to AVOID at all costs. Yet, D-Link says to their customer base - toss it in the trash, and come buy something new instead. Folks, it's time to NEVER buy a D-Link device, even to include a unmanaged switch, or a cable ; vote with your money and send it anywhere but D-Link.

@ch1pnd413 2 ай бұрын

❤ excellent content 👍🏻

@FunkCakes 2 ай бұрын

Its very annoying these situations exist. Although the public can't top this we can more careful in the selection of products we choose to use. We need to strive to not choose products that are D-Link to a bad experience. 😅

@KDR911KO 2 ай бұрын

Just remember that awareness of these things matter so you can prevent another attack.

@debugin1227 2 ай бұрын

dlink attitude to security is the reason I won't buy any more of their products. hard coded reds warrants and update if out of support because of the stupidity of the vendor to include one Mr Potato Head... Mr Potato Head back doors are not secret and they should know it

@xXDarthBagginsXx 2 ай бұрын

In the end, just build your own NAS.

@CanadaHasFallen 2 ай бұрын

Dlink has had a horrible reputation since....forever? at least 2005?

@hak5 2 ай бұрын

2 points for the War Games quote ~Darren

@secinject814 2 ай бұрын

Yeah hardcoded creds are an invite for compromise. And they're usually unbelievably easy, short and predictable. Probably didnt even need to bruteforce it with a program lol

@robotron1236 2 ай бұрын

Why would people make fun of the name Ally Diamond? That's not even a weird name...

@KDR911KO 2 ай бұрын

Kingphisher is a compaign awareness like what a ciso does

@SloppyPastrami 2 ай бұрын

if a company is going to EOL/EOS a hardware product, then they should release the software and firmware so owners at least have the option to maintain them on their own.

@UNcommonSenseAUS 2 ай бұрын

6:21 please validate me

@hcfdewet1 2 ай бұрын

Why does D-Link not make the EOL/EOS firmware available to the Open Source community?

@cesar3422 2 ай бұрын

Nice tablecloth

@sandsquid Ай бұрын

You go grrl!

@user-lg4le8xr4s 2 ай бұрын

Honestly, even if D-link released a patch, the type of person who is exposing an EoL device's management interface (or ANY device really) directly to the internet isn't going to update it anyways, and probably will never even hear about this CVE.

@vectoralphaAI 2 ай бұрын

Its always hard when doing something new so its ok. You will get more comfortable with news delivery as time goes by.

@gaptastic 2 ай бұрын

You're kicking ass. I'm glad Hak5 is continuing with Threatwire and I'm glad you're taking it over. Wish you the best in this role. Ignore the haters, for haters will only hate.

@marks0117 2 ай бұрын

Keep up the good work, guys.

@IndyAdvant 2 ай бұрын

Lutra link is broken

@ShinitaiKokii 2 ай бұрын

🔗 Story 1: New Kind of Phishing Attack link does not work!

@hak5 2 ай бұрын

fixed - ali

@ultranadax6852 2 ай бұрын

Sub’d- great info and delivery!

@ReligionAndMaterialismDebunked 2 ай бұрын

Shalom.

@userou-ig1ze 2 ай бұрын

2:00 have them install JavaScript?

@RCBMW Ай бұрын

What is she even talking about? I'm lost!!

@imca_b_5517 2 ай бұрын

It was major issue in the world 🌍 "email attack"

@VincentGroenewold 2 ай бұрын

Great work! Ignore bad comments, embrace useful criticism and focus on the positive ones, tough for us humans to do but it helped me quite a bit. Keep on rocking!

@garicrewsen1128 2 ай бұрын

Many creators suggest not reading the comments. Kinda defeats the purpose of commenting, though. Maybe hire someone to proof the comments, remove the negative, overly critical and childish ones? Although you've no need to worry about them. You're doing great. Thx and keep it up! 😊

@Videos_Marco_Multicanal 9 күн бұрын

😮

@ZeNex74 Ай бұрын

Noob now subbed and hit the bell

@ScriptureFirst 2 ай бұрын

🙋🏻‍♂️ startup 💎 2 man team 1️⃣ customer 😏 but he’s paying all the bills 🙌🏼

@woritsez 2 ай бұрын

never trust ppl that forward email

@Rochester92G 2 ай бұрын

Smart company. Gets attractive women to present technical information.

@blookolla 2 ай бұрын

Where's Shannon?

@KDR911KO 2 ай бұрын

Still permission denied because of passkeys

@nicolasferrari7146 2 ай бұрын

It's kind of scary nearly 1 mil people subscribe to hak5.

@blookolla 2 ай бұрын

It started off well.

@miproduction6196 2 ай бұрын

@@blookollawhat what is she declining or something

@scentilatingone2148 2 ай бұрын

Those dimples

@Kyus2001 2 ай бұрын

Cicada3301 good actors

@KDR911KO 2 ай бұрын

I'm cool with threatwire

@russell28533 2 ай бұрын

Good work Ali

@Starfire42 2 ай бұрын

Dlink is horrible as usual. Great work Ali!

@tommyboy3164 2 ай бұрын

…..I can’t….

@qkb3128 2 ай бұрын

That’s ridiculous that forces people to upgrade all their hardware. Sounds like you don’t want to buy D-link…lol just Dlink there product.

@redslashed 2 ай бұрын

No Ali Diamond sound so cool

@0Buddhaspot0 2 ай бұрын

👽☠️👾

@user-uz4ti5zs8z 2 ай бұрын

thumbs up on that dress thumbs up! like the beerrrrrrr beerrry

@yanasitta 2 ай бұрын

Burberry, how decadent.

@gravelguitar9443 2 ай бұрын

HTTP, OR HTTPS?

@seb_gibbs 2 ай бұрын

D-Link needs to pull their socks up; do they really like to be supporting hackers? I've always used TP-Link.anyhow

@astrogatorjones 2 ай бұрын

You’re doing fine.

@agritech802 2 ай бұрын

4 years is a joke for eol, it should be 15 years at least

@KDR911KO 2 ай бұрын

Try and catch and patch your services

@blckwaterpark 2 ай бұрын

Lesson to learn here, never buying any D-Link devices knowing how insecure they are just after a few years..

@AnonMedic 2 ай бұрын

The fact D-Link won't just release a patch makes me never want to buy another D-Link product again. Also I just noticed you got the cutest dimples ever.

@sigmamale6143 2 ай бұрын

I'm not even in cyber security stuff but I'm here for her cute dimples God made so beautiful people

@electricsushi 2 ай бұрын

Something is off with the transcoding. Not complaining about the 720P choice, but should not have this may artifacts.

@Human_Shrek 2 ай бұрын

she's so adorable and informative. thank you, threat-wire as always.

@lossless4129 2 ай бұрын

You’re great! Keep it up

@DinoNucci 2 ай бұрын

PizzA

@RCBMW Ай бұрын

Hey, looking good, love your golf vids

@Chris558576 2 ай бұрын

I'm done with D-Link. Clearly they are not on the side of consumers.

@canlelola 2 ай бұрын

Why on earth do people forget or have never come across w3c or w3school?

@secinject814 2 ай бұрын

While im still looking for a job atm, throughout my learning on Tryhackme, Hackthebox, portswigger(so far), some books and studying for my Sec+ exam I don't think it has ever been mentioned. Perhaps once but not in enough detail to remember. Ive heard of the IEEE and IANA, but not w3c, there's sooooo much info in learning the fundamentals of the web/software/different OS'/networking/Active Dir/cloud/back-end & front-end, cyber- security, coding... Obvs I know you don't need to be proficient in all these areas, but the amount of information is mind boggling. It's so easy to miss stuff that more experienced people assume you would run across.

@JoeyFun 2 ай бұрын

Ignore the haters, idk why anyone would make fun of your name. My driving instructor's last name was Diamond and it was pretty kewl! Anywho, keep up the great work.

@adrift4days 2 ай бұрын

RIP SOPHIE

@bfrancis9898 2 ай бұрын

D-fective link

@SHAZAMYOUNGORDER 2 ай бұрын

🪥

@kjetilhvalstrand1009 2 ай бұрын

they always done this crap, they used type words with mispelling as well.

@bigboldsale 2 ай бұрын

What happened to Shanon?

@w3w3w3 2 ай бұрын

im interested to know myself, just out of curiosity

@KDR911KO 2 ай бұрын

Cloud C2 rem fix eol nas server cve

@jamescooper4649 2 ай бұрын

show us ur linux skills

@MrMonkeySocks 2 ай бұрын

“iTs ThE pENgUiN”

@MajesticBlueFalcon 2 ай бұрын

I miss Snubs 😢

@DJMerck 2 ай бұрын

We all do a lil. What happened? I quit paying attention for a lil over a year, maybe 2 and now everyone is gone.

@asishreddy7729 2 ай бұрын

Nothing ruins a beautiful girl like fake body parts. That lip filler….

@juriendejong5201 2 ай бұрын

You cool, please continue

@secinject814 2 ай бұрын

I think you're a good presenter, no complaints!

@jasonybarra8277 2 ай бұрын

Your cool new snubs remember the old phrase "trust your techno lust" and my favorite " drink all the booze hack all the things"🖖🖖🤘🤘🤘🤟

@endingwithali 2 ай бұрын

new snubs LMAOOOOO

@michael5743 19 күн бұрын

Hey Ali. You're cute. We're going to have to figure out a means to cryptographically send each other our numbers here soon.

@Akshun82 2 ай бұрын

_No dog with me this week_ *Unsubscribes*

@JohnPeter-yf5jf 2 ай бұрын

lol 4yr out of date while windows xp still running on a network somewhere