InfoSecDragon

7.5K posts

@infosecdragon

Cybersecurity and OSINT geek ▪ Mostly cybersec news, some other stuff too ▪ Not a business @[email protected]

London(-ish) · Joined February 2014
368 Following · 444 Followers
InfoSecDragon retweeted
UwU Underground @uwu_underground
This is one of my fave current strats by malware delivery systems: They are not targeting end victims first. They’re targeting the trust layer.

Attackers compromise legitimate advertisers or small ad agencies. There are thousands of these entities, typically small teams (1–10 people) with weak IAM, poor MFA enforcement, and minimal audit visibility.

Once inside, they gain control of accounts connected to Google Ads or other trusted advertising pipelines. That access is the asset.

They then monetize it in two ways:
- Direct use: run malicious ad campaigns (malware, phishing, fake installers) under a legitimate, reputation-backed account.
- Access brokering: resell campaign access to other operators who want distribution without building trust themselves.

Persistence is maintained deliberately:
- Malicious ads are embedded within existing campaigns to avoid obvious anomalies.
- Additional users are provisioned to maintain redundancy and prevent lockout.
- UI-layer manipulation is used to reduce visibility (buried campaigns, naming collisions, low-visibility configurations).

Dwell time can extend for months because detection relies on owner-side observation, not platform enforcement.

In many cases, attackers inject their own funding into the account. This stabilizes spend patterns and avoids triggering billing or budget anomalies that would alert the legitimate owner. The objective is to preserve the integrity of the trust relationship for as long as possible.

The entire model hinges on one factor: once an account is trusted by the ad platform, that trust can be operationalized and resold. ☯️
solst/ICE of Astarte @IceSolst

You can just advertise your malware on Google search results. It’s that easy.

InfoSecDragon retweeted
David Sirota @davidsirota
I am proud to be one of the 100 journalists who signed the letter defending the @InternetArchive's essential @WayBackMachine. Corporate news outlets now trying to block archival preservation of the news is a betrayal of the ideals of journalism. x.com/i/trending/204…
InfoSecDragon retweeted
Have I Been Pwned @haveibeenpwned
New breach: Crunchyroll suffered a data breach last month which reportedly exposed data from its Zendesk support system. 1.2M unique email addresses attributed to the incident were provided to HIBP today. 82% were already in @haveibeenpwned. Read more: haveibeenpwned.com/Breach/Crunchy…
InfoSecDragon retweeted
Security BSides @SecurityBSides
Reminder that the mortal remains of Twitter are no longer monitored by the global team, making it more important than ever to follow the simple, foundational rule that events teams stay in touch with info@bsides.org with event dates and other updates.
InfoSecDragon retweeted
Iceman @herrmann1001
The airwaves need your help. Here's why RF Village at DEF CON matters and why we're asking for your support.

Let me paint you a picture. It's DEF CON. Las Vegas. August. A few thousand people packed into a room that smells faintly of solder and energy drinks. On one side, someone is dissecting a garage door opener. On the other, a first-timer just realized they can read their neighbour's wireless power meter with a $25 USB dongle and some open-source software. In the corner, a CTF team is hunched over laptops trying to decode a mystery signal before time runs out.

That's RF Village. That's RF Hackers Sanctuary.

We are a community of security researchers, radio nerds, engineers, and curious humans united by one belief: the radio frequency spectrum is deeply embedded in modern life and almost nobody is paying attention to how insecure it is. Your car. Your front door lock. The airport. Hospitals. Power grids. Critical infrastructure. Nearly all of it whispers secrets through the air. We teach people to listen and to fix what's broken.

Every year at DEF CON, RF Village runs:
- Hands-on classes in WiFi and Software Defined Radio (SDR) security
- Guest speakers and panels featuring some of the sharpest minds in RF security
- Radio Frequency CTF (Capture the Flag), the best in the world, where players race to find, decode, and exploit wireless signals

We run this on the power of volunteers and the generosity of sponsors who get it. People who understand that security education isn't just cool, it's necessary.

So here's the ask. We're actively looking for sponsors for the 2025–2026 season. Whether you're a company that builds RF systems, a security firm that wants to put your name in front of thousands of the most technically skilled attendees on the planet, or just someone who believes this community deserves to thrive, we want to hear from you.

The sponsorship form is right here 👉 rfhackers.com/sponsors/

And if you can't sponsor right now? Share this post. Seriously. Tag a company. Tag a person. Tag your CISO. The right sponsor might be one repost away.

The spectrum doesn't secure itself. Let's build the community that will.

RF Hackers Sanctuary - Learn, explore, and enhance your skills. @rfhackers | @rf_ctf
InfoSecDragon retweeted
Iceman @herrmann1001
Cool, proxdump.com is back online. How to upload from inside proxmark3 client: `mqtt send -f <mydumpfile.json>` Easy peasy sharing
InfoSecDragon retweeted
EFF @EFF
Age verification puts all users at risk of data breaches, EFF’s Rin Alajaji told @business, and requiring ID for social media could chill speech, particularly from whistleblowers or activists who rely on anonymity. bloomberg.com/news/articles/…
InfoSecDragon retweeted
mthcht @mthcht2
LOLFSAAS
Living off Free SaaS
Hundreds of SaaS platforms with free tiers, documenting abuse surface, opsec risks, authent methods, C2 framework mappings, and operational limits.
lolfsaas.github.io
InfoSecDragon retweeted
mthcht @mthcht2
LOLEXFIL
Living off the land Data Exfiltration method
lolexfil.github.io
InfoSecDragon retweeted
Wietze @Wietze
Can LNK files ever be trusted? ⚡ My latest blog post demonstrates several new LNK abuse methods, allowing you to fully spoof the target shown in Explorer. It also introduces tools to create your own LNKs, and detect spoofed ones yourself. 🐬 wietzebeukema.nl/blog/trust-me-…
InfoSecDragon retweeted
BleepingComputer @BleepinComputer
🚨 Coinbase confirms an insider breach after a contractor improperly accessed data for 30 customers. BleepingComputer learned the breach occurred in December. This comes after screenshots of internal Coinbase support tools were leaked. 👉Learn more: bleepingcomputer.com/news/security/…
InfoSecDragon retweeted
Today In Infosec @todayininfosec
2004: The initial release of TrueCrypt, version 1.0, was made available. 10 years later the TrueCrypt website unexpectedly announced that the development of TrueCrypt had ended and that the tool wasn't secure.
InfoSecDragon retweeted
Pirat_Nation 🔴 @Pirat_Nation
The UK government is moving forward with new rules under the Online Safety Act that will ban VPN services for anyone under 18. VPN providers will be required to carry out age verification. This is expected to involve ID checks or other forms of personal identification to confirm users are 18 or older. If enforced, adults in the UK would also need to prove their age with official ID to continue using most commercial VPN services. The stated purpose is to prevent children from accessing age-inappropriate or harmful content online.