Security Leftovers
-
A Serial Tech Investment Scammer Takes Up Coding?
John Clifton Davies, a 60-year-old con man from the United Kingdom who fled the country in 2015 before being sentenced to 12 years in prison for fraud, has enjoyed a successful life abroad swindling technology startups by pretending to be a billionaire investor. Davies’ newest invention appears to be “CodesToYou,” which purports to be a “full cycle software development company” based in the U.K.
If you liked this story, check out my previous reporting on John Bernard/Davies...
-
Supply Chain Compromise or False Positive: The Intriguing Case of efile.com updated - confirmed malicious code, (Mon, Apr 3rd) [Ed: Windows TCO]
Added an update at the end with more details regarding the "update.exe" file. I think it is safe to say at this point, that efile.com has been compromised.
-
Tax Season Risks, (Mon, Apr 3rd)
If you live in the US, you are likely aware that we are entering the last phase of the tax filing season. Returns are due April 15th, and scammers know that last-minute filing stress makes people less careful. Tax filings typically include sensitive PII like social security numbers, addresses, and other details. The IRS has, in recent years, tried to reduce fraud, but there are still several scams that are hard to eradicate.
-
Update: oledump - MSI Files, (Sun, Apr 2nd)
-
Tasmania says data may have leaked through file-sharing service attack
The Tasmanian Government says it may have lost data in a breach effected by a Windows ransomware gang through a file-sharing service known as GoAnywhere MFT.