***Official Political Discussion Thread***

Belgium

formerly colombia
19,472
25,112
Joined Jan 12, 2013
https://www.bbc.com/news/technology-53607374
Twitter hack: Staff tricked by phone spear-phishing scam



I just read up on how that massive Twitter hack Bitcoin scheme was conducted. Unsurprisingly, it was done via good old phone spear-phishing. Honestly, when will these people learn? Even less surprising, the scheme was perpetrated (allegedly) by a 17-year-old from Florida, according to federal prosecutors.
Employees were tricked into granting access to security credentials for access to Twitter's internal network.

It's the oldest trick in the book and yet somehow remains the most effective. This is how hackers bypass your 2-Factor Authentication too. Verizon for example has a tool called Omni, which allows anyone with access to the tool to swap people's SIM cards. This is done to redirect 2-FA verification codes to a device controlled by the perpetrator. This method is referred to as SIM swapping.
The perpetrator simply tricks an employee into granting access to the Omni tool or using the tool at the direction of the perpetrator and that's it. Other providers have similar tools but I don't know their names, if they're named at all. Comcast is also notorious for falling for this trick very easily.
 

Belgium

formerly colombia
19,472
25,112
Joined Jan 12, 2013
Humans will always be the weakest link when it comes to cybersecurity. :lol:
A bit of effort does go a long way. I commend Microsoft for how effectively they've curbed the success rate of tricking their customer support into handing over login credentials. In the early 2010s, people's Xbox accounts were being jacked left and right by the hundreds and then sold for substantial amounts of money. The final push that caused Microsoft to enforce some kind of training and extra security was that one of their employees used his authority to switch taken usernames to a new account of his choosing, which he then sold to people involved in conspiring to steal accounts.

Over time it became a fool's errand to try to steal accounts directly via Microsoft's customer support, as evidently they had received some sort of training that worked remarkably well. Of course what then happened was that the hackers just went to the phone/internet providers.
 
4,849
10,178
Joined Aug 24, 2017
This article is confusing. She's a Trump supporter but bought her grandson a bulletproof vest that she knew he wanted to wear to a protest. If she's anti-protest like all of MAGA land then why would she help him get a vest for protest purposes and then snitch on him? That's wild. I'd drive to her crib after being released and push her down 6 flights of stairs.
 
95,950
82,288
Joined Mar 30, 2007
I think TikTok is corny AF but dude needs to stop acting like he's not just trying to ban them off the fact they're a successful Chinese company in America. Barron getting 0 cheeks in high school if his dad gets TikTok banned

don’t forget they successfully trolled his campaign with that whole ticket thing

 

plansb

Supporter
6,629
11,006
Joined Jan 11, 2014
The new right winger thing I’ve been seeing is that they want property tax refunds because schools are closed thus no one is working at the schools. One of my idiot cousins posted this thing that said that and it set my mom, who has worked in an elementary school for 25 years, off. Pretty disrespectful to educators and support staff who all work very hard and are so important to our society. My mom is not one to fight with relatives like I am, so it’s good to see them realizing how terrible these people actually are. In my opinion my maga cousins/aunt/uncles can all go to hell, I will never talk to any of them again. Selfish ****ing *******s, the whole lot of them. I really hope all of these people are shunned when things do go back to normal, since they’ve really done a fantastic job exposing themselves for the racist selfish fools they are during this pandemic
 
5,715
8,293
Joined Dec 12, 2012
https://www.bbc.com/news/technology-53607374
Twitter hack: Staff tricked by phone spear-phishing scam



I just read up on how that massive Twitter hack Bitcoin scheme was conducted. Unsurprisingly, it was done via good old phone spear-phishing. Honestly, when will these people learn? Even less surprising, the scheme was perpetrated (allegedly) by a 17-year-old from Florida, according to federal prosecutors.
Employees were tricked into granting access to security credentials for access to Twitter's internal network.

It's the oldest trick in the book and yet somehow remains the most effective. This is how hackers bypass your 2-Factor Authentication too. Verizon for example has a tool called Omni, which allows anyone with access to the tool to swap people's SIM cards. This is done to redirect 2-FA verification codes to a device controlled by the perpetrator. This method is referred to as SIM swapping.
The perpetrator simply tricks an employee into granting access to the Omni tool or using the tool at the direction of the perpetrator and that's it. Other providers have similar tools but I don't know their names, if they're named at all. Comcast is also notorious for falling for this trick very easily.
It reminds me of this article I remember reading a while back.
 