EPISODE · Jul 29, 2022 · 47 MIN
Episode 114 - BACK OFF THE MIC JAV!
from The Host Unknown Podcast · host Robin Banks, Andrew Agnês, Thom Langford, Javvad Malik
This week in InfoSec With content liberated from the “today in infosec” twitter account and further afield25th July 2007: The US Ninth Circuit Court of Appeals ruled that IP addresses and to/from email fields can be monitored without probable cause. Appeals Court Rules No Privacy Interest in IP Addresses, Email To/From Fieldshttps://twitter.com/todayininfosec/status/115479199039704268829th July 2009: The first Security BSides conference was held in Las Vegas in a 3,767 square foot house.http://www.securitybsides.com/w/page/50746315/BSidesHistoryhttps://twitter.com/todayininfosec/status/1156078833277128704 Rant of the WeekHackers scan for vulnerabilities within 15 minutes of disclosureSystem administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a new report shows threat actors scanning for vulnerable endpoints within 15 minutes of a new CVE being publicly disclosed.According to Palo Alto's 2022 Unit 42 Incident Response Report, hackers are constantly monitoring software vendor bulletin boards for new vulnerability announcements they can leverage for initial access to a corporate network or to perform remote code execution.However, the speed at which threat actors begin scanning for vulnerabilities puts system administrators in the crosshairs as they race to patch the bugs before they are exploited."The 2022 Attack Surface Management Threat Report found that attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced," reads a companion blog post.Since scanning isn't particularly demanding, even low-skilled attackers can scan the internet for vulnerable endpoints and sell their findings on dark web markets where more capable hackers know how to exploit them.Then, within hours, the first active exploitation attempts are observed, often hitting systems that never had the chance to patch. Billy Big Balls of the WeekNew ‘Robin Banks’ phishing service targets BofA, Citi, and Wells FargoA new phishing as a service (PhaaS) platform named 'Robin Banks' has been launched, offering ready-made phishing kits targeting the customers of well-known banks and online services.The targeted entities include Citibank, Bank of America, Capital One, Wells Fargo, PNC, U.S. Bank, Lloyds Bank, the Commonwealth Bank in Australia, and Santander.Additionally, Robin Banks offers templates to steal Microsoft, Google, Netflix, and T-Mobile accounts.According to a report by IronNet, whose analysts discovered the new phishing platform, Robin Banks is already being deployed in large-scale campaigns that started in mid-June, targeting victims via SMS and email. LockBit 3.0 introduces the first ransomware bug bounty programWith the release of LockBit 3.0, the operation has introduced the first bug bounty program offered by a ransomware gang, asking security researchers to submit bug reports in return for rewards ranging between $1,000 and $1 million."We invite all security researchers, ethical and unethical hackers on the planet to participate in our bug bounty program. The amount of remuneration varies from $1000 to $1 million," reads the LockBit 3.0 bug bounty page.However, this bug bounty program is a bit different than those commonly used by legitimate companies, as helping the criminal enterprise would be illegal in many countries.Furthermore, LockBit is not only offering bounties for rewards on vulnerabilities but is also paying bounties for "brilliant ideas" on improving the ransomware operation and for doxxing the affiliate program manager.The following are the various bug bounty categories offered by the LockBit 3.0 operation:Web Site Bugs: XSS vulnerabilities, mysql injections, getting a shell to the site and more, will be paid depending on the severity of the bug, the main direction is to get a decryptor through bugs web site, as well as access to the history of correspondence with encrypted companies.Locker Bugs: Any errors during encryption by lockers that lead to corrupted files or to the possibility of decrypting files without getting a decryptor.Brilliant ideas: We pay for ideas, please write us how to improve our site and our software, the best ideas will be paid. What is so interesting about our competitors that we don't have?Doxing: We pay exactly one million dollars, no more and no less, for doxing the affiliate program boss. Whether you're an FBI agent or a very clever hacker who knows how to find anyone, you can write us a TOX messenger, give us your boss's name, and get $1 million in bitcoin or monero for it.TOX messenger: Vulnerabilities of TOX messenger that allow you to intercept correspondence, run malware, determine the IP address of the interlocutorand other interesting vulnerabilities.Tor network: Any vulnerabilities which help to get the IP address of the server where the site is installed on the onion domain, as well as getting root access to our servers, followed by a database dump and onion domains.The $1,000,000 reward for identifying the affiliate manager, known as LockBitSupp, was previously offered on the XSS hacking forum in April. Industry NewsNo More Ransom Has Helped Over 1.5m VictimsUS Doubles Reward for Info on North Korean HackersCriminals Use Malware as Messaging Bots to Steal DataCyber-Criminal Offers 5.4m Twitter Users’ DataEuropean Police Arrest 100 Suspects in BEC CrackdownSocial Media Accounts Hijacked to Post Indecent ImagesHackers Change Tactics for New Post-Macro EraRansomware Group Demands £500,000 From SchoolSpanish Police Arrest Alleged Radioactive Monitoring HackersTweet of the Weekhttps://twitter.com/danielmakelley/status/1550884696355225601 Come on! Like and bloody well subscribe!
What this episode covers
This week in InfoSec pays homage to the the best conference for hackers, by hackers Rant of the Week laughs at your 14 day patching cycle Billy Big Balls is the opposite end of the scale to a 419-scam with bad spelling Industry News brings us the latest and greatest security news stories from around the world And Tweet of the Week could probably be found in the Shower Thoughts subreddit
NOW PLAYING
Episode 114 - BACK OFF THE MIC JAV!
No transcript for this episode yet
Similar Episodes
Dec 5, 2025 ·50m
Oct 9, 2025 ·33m
Oct 3, 2025 ·40m
Sep 11, 2025 ·31m
Aug 27, 2025 ·39m
Aug 18, 2025 ·54m