lippard @lippard@infosec.exchange
infosec @ financial services, healthcare, and telecoms
If the offer is bogus, why offer it? That seems like just another fraud of the sort the FTC would investigate if it weren't party to it.
The Bellingcat report on the Russian ProtonMail phishing campaign against them has now been published: https://www.bellingcat.com/news/uk-and-europe/2019/08/10/guccifer-rising-months-long-phishing-campaign-on-protonmail-targets-dozens-of-russia-focused-journalists-and-ngos/
We put together a list of all the stories my colleague and I wrote at #BlackHat, along with a few blurbs that we weren't able to publish as full articles. https://www.pcmag.com/feature/370092/black-hat-2019-the-craziest-most-terrifying-things-we-saw
Did anybody cover the charlatan track at Black Hat? Looks like there was a stellar entry today.
Some fun #BlackHat shenanigans. Ruben Santamarta, a researcher at IOActive, gave a presentation about vulnerabilities he found in the Boeing 787 core network. Boeing has issued a strong denial, and has a PR rep here to boot. FAA has also chimed in, supporting Boeing.
I have been told (BUT HAVE NOT CONFIRMED) that there are Boeing engineers at the conference to refute the claims in person.
Santamarta and IOActive are emphatically standing behind their work.
DMARC really isn't that difficult. Your organization should be using it. https://www.zdnet.com/google-amp/article/dmarcs-abysmal-adoption-explains-why-email-spoofing-is-still-a-thing/
infosec @ financial services, healthcare, and telecoms
