Notices by Fellows (fellows@cyberplace.social)

@GossiTheDog Is your severed the shit poster? 😀

@GossiTheDog hahaha so true!

@GossiTheDog looks like the sword post triggered it

@GossiTheDog pretty detailed, very cool!

@GossiTheDog I was thinking about records the other day. Then my mind went to laser discs. I was recounting going to a demonstration with my Dad of one of the first retail production laser disc systems. The movie that was demoed was “True Lies” and it was on a laser disc which was about the same size as a standard record. I remember at the time being in awe because the picture and sound were out of this world.

@GossiTheDog is this being abused for file sharing?

I’ve been seeing an increase in the number of malicious emails using infogram[.]com in the lure url.

Apparently infogram[.]com is trusted by over 10M+ users worldwide. I wonder if they include malicious threat actors in that count?

Infogram[.]com says you can use their service for charts, maps, Infographics, Reports, and More. I guess phishing is “more”. Since the service has a free tier that lets you publish online, you can see why it’s perfect for your budding threat actor.

#ThreatIntel

@cirriustech @GossiTheDog Thanks for the info! From their site: “The Logo API is offered as a free, legacy product and is unsupported at this time”. Good chance that means it’s not monitored for abuse! Hopefully they’ll EOL it before December 1st.

Recently I’ve seen a number of good looking malicious emails pretending to be from various orgs, all with included company logos.

Looking over the HTML of the emails I noticed an image URL common to all of them, logo.clearbit[.]com. It was in the image tag for logo.

It’s a company logo API that uses logo.clearbit[.]com/“domain.whatever” for logo creation.

Might be a domain you want to start filtering for, as the API is clearly being abused thanks to it being absolutely free.

#ThreatIntel

@GossiTheDog I have to watch the entire season again. Too much times passed since it originally came out that I need a refresher.

@GossiTheDog that doesn’t seem very humane

@GossiTheDog it had a good run

Over the past few days, I’ve noticed a variety of malicious emails with different styles. All of these emails use the lure URL link.shoppermeet[.]net.

Link attempts to redirect users to a Microsoft 365 phishing page for credential harvesting. The threat actor even tries to include company images and logos to make the email appear more legitimate.

#ThreatIntel

If you still haven’t applied Microsoft Office patches since January 2024, now might be a good time to

https://www.bleepingcomputer.com/news/security/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks/

@GossiTheDog I guess it’s no Starfield

@GossiTheDog aside from graphics, is the gameplay any good?

@GossiTheDog I think this fits the quintessential definition of “first world problem”

Not sure if you’ve heard of Pixpa[.]com. They label themselves as “an easy, all-in-one portfolio website builder for photographers & creators…”

I’ve recently seen threat actors use Pixpa as a trusted domain within links in malicious email campaigns. Watch out as the service isn’t always photography.

#ThreatIntel

@GossiTheDog I cracked out my Nintendo Switch the other day after seeing your post about the Switch 2. As a guy born in the first half of the 1980s, maybe it’s the nostalgia, but I like the gameplay of stuff like Mario Wonder. I bet the Switch 2 outsells everything - I’m in for one.

The fact that the X/S is trailing the One in sales doesn’t seem too surprising

@GossiTheDog wow that’s neat, and kinda terrifying.

I wonder what my neighbours would think if I started flying that over their homes. I had to write a test and get licensed just to be able to fly my drone here!