Selections by dgoff

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer-reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.

According to security researchers at Norton, scams involving human manipulation comprised 75% of all desktop threats in the first half of 2023. In the first half of 2023, the researchers saw a rise in three particular scams: E-shop scams, Sextortion scams, and Tech Support Scams. E-shop scams are where fake online stores are created to lure shoppers with popular products offered at huge discounts. However, the product is never delivered, and scammers exit with the victim's card details and payment.

According to security researchers at Netacea, the typical business in the US and UK loses over 4% of their online revenue every year due to malicious bot attacks. The researchers surveyed 440 businesses with an average online revenue of $1.9bn across the travel, entertainment, e-commerce, financial services, and telecoms sectors in the US and the UK. The researchers found that the average firm loses $85.6m annually to bot attacks, up from $33.3m per business in 2020. The researchers noted that this is far greater than the average ransom payment or GDPR fine.

T-Mobile customers reported being able to see the account and billing information of others after logging into the company's official mobile app. According to user reports, the exposed information included consumers' names, phone numbers, addresses, account balances, and credit card information, such as expiration dates and the last four digits. While a large number of reports began appearing on Reddit and Twitter on September 20, some T-Mobile customers claimed to have experienced this for the last two weeks.

A financially motivated threat actor has been identified as an Initial Access Broker (IAB) who sells access to compromised organizations to other adversaries to perform follow-on attacks. The SecureWorks Counter Threat Unit (CTU) has named the group Gold Melody, which also goes by the names Prophet Spider and UNC961. According to the cybersecurity company, this financially motivated group has been active since at least 2017, exploiting vulnerabilities in unpatched Internet-facing servers to compromise organizations.