News & Commentary

Fancy AI video generators serving up malware 🤖

Have you ever used a program called EditPro to edit and generate photos and videos through AI? If so, get to changing those passwords. 😅

Ads are floating around on X for EditPro, which claims to be a program that you can use to “create as in your dreams Image.” (???)

When you download the program, you’re also downloading infostealing malware (often Lumma Stealer, which is usually disguised as a CAPTCHA with a few additional steps). And apparently, the threat actors behind this one used up all their capacity for fanciness in their “software,” because they didn’t try too hard at all with their malware.

From there, the malware relies on a panel to exfiltrate stolen data, keeping it on standby for whenever the malicious actors are ready to call on it.

And Macs aren’t safe from this one, either! So if you downloaded this program on your Mac, you might wanna change your passwords, too. 😅

Man extorts orthodontist using RaaS 🦷

Know how even script kiddies can be eLiTe h4×0rs these days?

Such is the case for one Idahoan, who purchased ransomware-as-a-service (RaaS) tools to steal data and extort an orthodontist. One of the 43,000 records he was able to get hold of belongs to none other than the orthodontist’s child. And yes, this guy stooped low enough to threaten releasing that child’s personally identifiable information if a ransom wasn’t paid. 🙁

Fortunately, the FBI was able to track this guy down and make him pay for his crimes. He has to serve 10 years in prison, 3 years of supervised release, and pay up more than $1M for the damages he caused.

Fake Facebook ads for Bitwarden distributing malware 🦠

Bitwarden users, take note: If you’ve seen Facebook ads warning you of outdated software, ignore them.

Bitdefender Labs reported a malicious campaign on Facebook targeting users of their Bitwarden (password manager) product. Cybercriminals have exploited Facebook’s advertising platform and hijacked verified Facebook pages, renaming them to impersonate entities like "Meta Ads Manager" or Bitwarden. (Apparently, being “verified” means very little these days. 😅)

They ran fake ads claiming to offer Bitwarden software downloads. And they look pretty legit, to be honest:

But instead of downloading Bitwarden, users who clicked the ads ended up on a malware-packed site aimed at gathering login credentials and session cookies from browsers. And the page looks creepily legitimate:

Bitdefender is asking users to remain vigilant, avoid downloading software from unverified sources, and use robust cybersecurity tools to protect against these threats​.

Just Hacking Training Update 🤓

If you were subscribed to this newsletter last month, you know we launched Just Hacking Training: our take on hands-on, affordable cybersecurity training.

Since then, we’ve released a new thing or two. 🤩

Put on your blue hard hat and get ready to get your hands dirty in Constructing Defense, or ConDef! (See what we did there?)

ConDef by Anton Ovrutsky is three courses combined into a single “path.” It’s all about constructing a defensive playground in a massive, web-based virtual environment that mimics a typical enterprise, including cloud. You’ll get hands-on experience with throwing attacks at it and seeing what happens from a defensive perspective.

And we’re running an introductory special, so now’s the time to enroll if this one sounds like fun.

Additional November releases:

• HAL: Intro to Dynamic Analysis by Ali Hadi

• UC: GraphQL by Katie Paxton-Fear (InsiderPhD)

• UC: Wi-Fi Basics by Ross Flynn

• UC: Aircrack-ng by Ross Flynn

• UC: Getting Started with Visual Studio Code by Joe Helle

And here’s a sneak peek at what’s coming up in December! 👀

• OpSec: Privacy for Security Professionals by Mishaal Khan

• Mastering Active Directory Security (MADS) Vol 2: Protocols and Permissions by Slavi Parpulev

• Numerous HALs and UCs!

Come hang out with us hackers in Discord and engage with me, our All-Star instructors, students, and the rest of our community.

I recently hosted a livestream to hang out with some fine folks on YouTube and geek out over OSINT. If you missed it, no sweat — it still exists on the internet! 😅

Hoping to do more of these super soon. Stay tuned!

I recently changed up how folks subscribe to this thing. To appease the Email Overlords, I’ve asked new subscribers to reply to an email from me with their best joke (to make sure future newsletters don’t land in spam). And send me their best jokes, they did. 🤣

Here are a few of my favorite replies that landed in my inbox this month.

If you’d already subscribed before I started asking for your favorite joke, please reply to this email with your favorite joke. It may just be featured in next month’s newsletter. 😉

Love this thing? Have some pointers on how I can make it better? Please reply to this email and let me know. I really want these newsletters to be worth reading to you, and your feedback makes that possible!

Allow me to sweeten the pot. 😏 One person who replies to this email with helpful feedback will win access to my course on Just Hacking Training: Script-Based Malware Analysis! I’ve received so much helpful feedback that’s already made this newsletter better, and I’d like to give back to encourage you all to keep it coming. 😉

Hope to hear from you soon!