QR code phishing is becoming increasingly popular
Daily Archives: November 9, 2023
Online Retail Hack
Selling miniature replicas to unsuspecting shoppers:
Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen utensils, scaled-down books and camping chairs so small they evoke the Stonehenge scene in “This Is Spinal Tap.” Many of the minuscule objects aren’t clearly advertised.
[…]
But there is no doubt some online sellers deliberately trick customers into buying smaller and often cheaper-to-produce items, Witcher said. Common tactics include displaying products against a white background rather than in room sets or on models, or photographing items with a perspective that makes them appear bigger than they really are. Dimensions can be hidden deep in the product description, or not included at all.
In those instances, the duped consumer “may say, well, it’s only $1, $2, maybe $3—what’s the harm?” Witcher said. When the item arrives the shopper may be confused, amused or frustrated, but unlikely to complain or demand a refund.
“When you aggregate that to these companies who are selling hundreds of thousands, maybe millions of these items over time, that adds up to a nice chunk of change,” Witcher said. “It’s finding a loophole in how society works and making money off of it.”
Defrauding a lot of people out of a small amount each can be a very successful way of making money.
OpenAI Reveals ChatGPT Is Being DDoS-ed
UK Shoppers Lost Nearly £11m to Fraud Last Festive Season
Russian APT Sandworm Disrupted Power in Ukraine Using Novel OT Techniques
This previously undocumented attack suggests a growing maturity of Russia’s offensive OT arsenal
GitPython-3.1.40-1.fc40
FEDORA-2023-7b78427a7d
Packages in this update:
GitPython-3.1.40-1.fc40
Update description:
Automatic update for GitPython-3.1.40-1.fc40.
Changelog
* Thu Nov 9 2023 Carl George <carlwgeorge@fedoraproject.org> - 3.1.40-1
- Update to version 3.1.40, resolves rhbz#2221770
- Fix CVE-2023-41040, resolves rhbz#2248698
Smashing Security podcast #347: Trolls, military data, and the hitman and her
A woman’s attempt to hire an assassin online backfires badly, it’s scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don’t mix.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire’s Dave Bittner.
Plus don’t miss our featured interview with Jason Meller of Kolide.
DSA-5551-1 chromium – security update
DSA-5551 chromium – security update
A use-after-free issue was discovered in WebAudio in Google Chrome prior
to 119.0.6045.123, which allowed a remote attacker to potentially exploit
heap corruption via a crafted HTML page.