Notices by Fellows (fellows@cyberplace.social), page 5

@GossiTheDog so is the idea that if no one pays that ransomware will stop because there’s no money in it?

@GossiTheDog wow that’s low. Anyone got a lettuce?

Haven't come across these guys before…

Exactag[.]com being used as the URL in phishing/malware emails I've seen over the last 24 hours. Email is pretending to be a Microsoft Office 365 mail delivery report. Sample Below.

Google says “the Exactag platform allows you to reshape and future-proof your measurement through unique data collection and cutting-edge algorithms.” Which I think in simpler terms translates to ‘a place where malicious actors can hide their malicious URLs’

#ThreatIntel

Just a friendly reminder that Googleweblight[.]com is still being used by malicious individuals/groups as a trusted URL in their phishing/malware emails.

Even though Google discontinued the service way back in 2022, it still lives on.

Apparently Google Web Light’s sole purpose now is for deceptive URL redirections for fake DocuSign emails. I guess that's one of the reasons why Google needed to buy Mandiant.

#ThreatIntel

Just a friendly reminder that malicious groups/individuals like to use URLs that point back to Cloudflare's IPFS system in their malicious emails (this isn't something new). Cloudflare-ipfs[.]com is the domain to watch out for.

Seeing a slight uptick in malicious email using Cloudflare IPFS again. Specifically ones pretending to be a “Salary Upgrade” email where the user is asked to click a link to confirm their new salary information for 2024.

#ThreatIntel

@GossiTheDog I’m jealous that it’s already 5pm there! Waiting for my own 5pm.

@GossiTheDog sounds like the beginnings of skynet to me.

@GossiTheDog @briankrebs You were right Kevin. The MSRC entry has been corrected. They said it was mistakenly updated.

@GossiTheDog I feel like I just travelled back in time - do you still play Starfield?

@GossiTheDog does the ‘summarize this meeting’ feature take the same liberties as copilot does when asking general questions? Could make for some pretty funny and fictitious summaries!

@GossiTheDog this stuff has gotten out of hand. Capitalism is great, but at what overall expense.

I hate bureaucratic regulations, but it seems like some form of regulation is needed here.

I mean come on, would you buy a car today where it costs extra for bumpers, seatbelts, and airbags? This wouldn’t even be permitted. They’re standard safety requirements.

I think we need some form of minimum “safety” requirements to keep us all safer online.

Seeing un uptick in phoney RFP phishing/malware emails over the last 24 hours where the URL in the email is using the canva[.]com domain. A domain I haven't seen used in a bit. Google says that Canva is a free-to-use online graphic design tool. Use it to create social media posts, presentations, posters, videos, logos and more.

I guess the “and more" part of Canva’s description includes phishing/malware landing pages.

#ThreatIntel

@GossiTheDog way too funny!

Seeing a lot of password reset phishing/malware emails over the last 24 hours where the URL in the email is using the beehiiv[.]com domain. Google says that Beehiiv is a newsletter platform built for growth. However, it too appears to be built for phishing! #ThreatIntel

@GossiTheDog I remember that! Yep, basically that’s it. You did not want to be heading into a meeting with folks you’d never work with, from departments you had little or nothing to do with - dead giveaway.

@GossiTheDog once upon a time I worked for a place that liked to fire people by scheduling a conference room meeting. Basically they would mass fire a conference room filled with employees. Worse part was they did so over the conference room phone, no one from HR was physically present. The good old Polycom 7000 would ring and that would be that.

@GossiTheDog He actually returns as a Democrat after a freak accident

@GossiTheDog Reach around is where my mind first went, but I didn’t want to say it…. Now that you’ve said it it’s okay, I agree, ReachAround lol

@GossiTheDog I thought it was a great movie. Apparently certain people are pissed that former US president Obama produced it.