Dropbox Suffers Major Breach in Phishing Attack

It’s no secret that cyber attacks are on the rise, and that no company is immune to them. Dropbox, a cloud storage company, was the lastest victim when their GitHub account was compromised. This allowed attackers access to 130 code repositories, which contained sensitive data.

Dropbox was notified of a potential breach on October 14th from GitHub, who observed suspicious activity coming from the account starting one day earlier.

On Tuesday, November 1, 2022, Dropbox released an announcement that said, “our investigation has found that the code accessed by this threat actor contained some credentials—primarily, API keys—used by Dropbox developers.”

The data contains the names and email addresses of a few thousand Dropbox employees, current customers, past customers, sales leads, and vendors.

A successful email phishing campaign, targeting Dropbox employees and pretending to be from CircleCI (a continuous integration and delivery platform), has been attributed to a recent data breach. The emails directed the victims to a landing page where they were asked to enter their GitHub credentials.

Dropbox states that the hackers did not manage to get access to customers’ accounts, passwords, or payment information. In addition, none of Dropbox’s core apps or infrastructure were compromised. As a result of this attack, Dropbox is taking further steps to secure its environment by using WebAuthn and hardware tokens or biometrics.

It was almost immediately after the compromise that GitHub detected the exfiltration of content from private repositories. The threat actors used VPNs and proxy services to make it more difficult to trace and identify them.

The Dropbox security breach is just one example of how even big companies are susceptible to damage by sophisticated cyber attacks. But while Dropbox was quickly mitigate the damage caused by the attack, it’s a reminder to all businesses that they’re always vulnerable to these kinds of threats. Therefore, it’s important for employers educate their staff on how identify potential cyberattacks.

SIM Swap Attack Targets Verizon Customers

Recently, Verizon experienced a minor but significant data breach. Between October 6, 2022, and October 10, 2022, an unknown malicious actor gained access to Verizon’s prepaid wireless accounts, compromising approximately 250 individuals.

According to a letter to customers, Verizon discovered the breach after noticing “unusual activity” on its network.

Due to the data breach, a SIM swap attack has been launched. Threat actors can take over the target’s phone number by convincing their mobile carriers to switch the target’s number to a SIM card controlled by the attackers.

Verizon warned its customers that the breach exposed the last four digits of their credit card numbers, which could result in fraudulent SIM card swaps. Additional customer data such as phone numbers, mailing addresses, account plans, and credit card information has been compromised. Verizon has confirmed that the attack did not compromise bank account information, passwords, social security numbers, tax IDs, or other sensitive information.

As a result of the data breach, Verizon reset the account security codes of an unspecified number of accounts.

Verizon reported that the company had successfully blocked any further unauthorized access to its customer’s accounts. Additionally, Verizon stated that it did not find any indication that the malicious activity was still ongoing.

Verizon’s customers can protect themselves from SIM swapping attacks by activating the company’s free “Number Lock” protection feature. Once a phone number is locked, it cannot be transferred to another device or service provider. Unless the account owner removes the lock, SIM swapping will be impossible.

Verizon users are urged to reset their pin codes, update passwords, and modify security questions to protect themselves against future attacks.

Customers are encouraged to review their information by logging into their Verizon account. Those who notice anything unusual should get in touch with Verizon directly.

The Verizon data breach serves as a reminder that even well-established businesses are susceptible to attack. However, customers can take steps to protect themselves, such as utilizing the ‘Number Lock’ security feature. By taking precautions and monitoring their accounts, customers can help ensure the security of their information.

Benefits of Having a Dual Monitor Setup for Your Business

In recent years, the use of advanced technology in the office has increased in popularity among businesses to improve their efficiency, productivity, and effectiveness. Whether running a small or large company, it is important to know that utilizing a dual monitor setup in your office can provide quite a few advantages.

Effortless Research

It is very useful for employees who conduct research on a regular basis to have a second monitor at their disposal. By using two monitors at once, employees can view different sources at the same time, rather than having to switch between other tabs on their screen. This results in a more meaningful and effective comparison, which produces a higher quality product.

Work Efficiently

It can be challenging to manage multiple applications with only one monitor. A multitasking environment needs enough screen space to maintain multiple applications at once. Using a dual monitor setup, employees won’t have to scroll up and down the screen or resize windows to fit the information they need into the limited space available. Users can achieve greater accuracy when working with dual monitors because of the increased visibility the dual monitors provide.

Increase Productivity

According to studies, employees can also boost their productivity by up to 30% when using dual monitors in their workstations. As a result, employees will be able to work more efficiently as they won’t have to switch tabs as often, so they’ll be able to accomplish more tasks more quickly.

A dual monitor system allows users to display multiple applications simultaneously on the same screen, including web browsing, email, and multimedia. Using dual monitors at the workplace can help employees become more efficient and productive by enhancing their efficiency and productivity.

Zoom Fixes Severe Security Vulnerability for Mac Users

There is no doubt that Zoom has become very popular in the business and academic sectors, as it is widely used for video conferencing and voice-over IP (VoIP).

Zoom issued a security bulletin at the beginning of October, informing users that an update was now available for download in response to an identified security flaw. CVE-2022-28762 has been identified as a vulnerability by Zoom and has been patched accordingly.

Specifically, this problem appears to affect the macOS Zoom client from versions 5.10.6 to 5.12.0. It is important for users to make sure they have the latest version of Zoom installed on their computers. When using the Zoom desktop client on a Mac, users can look at the current version number of the video conferencing software that is currently installed by clicking “zoom.us” in the menu bar.

It is possible for users to manually update the software by checking for updates in the “About Zoom” section of the software.

Vulnerability

The macOS Zoom client is vulnerable to local attacks by malicious users because of a vulnerability identified in the open debugging port of the client.

The vulnerability identified by Zoom was rated 7.3 out of 10 by the CVSS (common vulnerability scoring system), which indicates it is a severe issue.

Zoom recommends that all users update their software to the latest version as soon as possible to protect themselves from potential security vulnerabilities.

The safety and security of Zoom’s users are a top priority for the company. Although the CVE-2022-28762 vulnerability is severe, it can be fixed by updating Zoom to the most recent version. It is highly recommended that users check the version that they are currently using and update it accordingly.

The Evolution of Callback Phishing Scams

Phishing is one of the oldest forms of cybercrime. It continues to grow and evolve, making it difficult for people to defend themselves.

Callback phishing scams are email campaigns that pose as expensive memberships to confuse recipients who have never signed up for these services.

The email includes a phone number the receiver may call to learn more about this “membership” and cancel it. But doing so opens the door to social engineering assaults that infect victims’ devices with malware and, in some cases, full-blown ransomware attacks.

This type of attack started with what is now known as BazarCall campaigns.

Under the alias “BazarCall,” threat actors started sending emails posing as subscriptions to popular services, along with a phone number to call so they could cancel the purchase.

When a target dialed the number, the threat actors guided them through a series of prompts that ultimately resulted in downloading an Excel file infected with the BazarLoader malware. BazarLoader allowed remote access to compromised devices, which led to ransomware assaults.

The evolution

The social engineering method has changed in recent callback phishing attacks, but the bait is still an invoice from well-known service provider companies.

Once the receiver phones the number provided, they are asked for “verification” invoice data. Next, the scammer says no matching records exist, and the victim’s email was spam.

The fake customer care worker tells the recipient that the spam email may have infected their computer with malware and offers to connect them with a technician. In the final step, the victim is connected to the fake technician to aid with the infection and takes them to a website where they download malware disguised as antivirus software.

In the security software campaigns, the scammers claim that the security package pre-installed on the victim’s laptop has expired and has been automatically renewed. Eventually, the fraudster takes the victim to a malware-dropping canceling and refund gateway.

These tactics convince victims to download malware like BazarLoader, remote access trojans, or other remote access software.

The final step is persuading the victim to access their bank account to get the reimbursement. But the victim is deceived into paying money to the con artist by locking the victim’s screen, starting a transfer-out request, then unlocking the screen when the transaction requires credentials.

After the transaction, the victim is supplied with a fake refund successful page to deceive him into believing that they have received the refund. In addition, in some cases, the threat actors send the victim an SMS stating that the money has been refunded to prevent the victim from noticing any fraud.

Of course, losing money is only one of the issues that infected users may have because the threat actors can launch new, more dangerous malware that will spy on them for a longer period and steal sensitive data.

Overall, callback phishing scams are difficult to defend against because they are constantly evolving. The best defense is to be aware of the signs of a scam, such as unexpected invoices or calls from numbers you don’t recognize. If you suspect you may be a victim of a callback phishing scam, hang up and call your bank or service provider directly to verify any suspicious activity.