cyber-crime | Smart Thinking Solutions

2 February 20222 February 2022

Log4j exploits and behind the scenes with the Apache patching team

Here is an interesting article from the team at Apache dealing with patching the Log4j problem: The Apache Log4j team talks about the Log4Shell patching process – The Record by Recorded Future But the exploits in the wild are still happening: Threat actor target Ubiquiti network appliances using Log4Shell exploits …

Continue reading “Log4j exploits and behind the scenes with the Apache patching team”

30 January 202216 March 2022

I should have run this story on a Friday! Tech sniffer dogs

The discovery of data storage and communications devices can be critical in any cyber security investigation – now the Digital Investigations and Intelligence Unit. (DIIU) of Wiltshire police have Bonny and Dora. Wiltshire Police ‘Digi-dogs’ trained to sniff out technology – BBC News The dogs have been trained to sniff …

Continue reading “I should have run this story on a Friday! Tech sniffer dogs”

27 January 202227 January 2022

What PII was compromised in 2021?

This is an interesting article looking at cyber attacks in 2021. Personal identifying information for 1.5 billion users was stolen in 2021, but from where? – TechRepublic

27 January 202227 January 2022

Be aware of COVID-19 testing scams – get trained to deal with these threats

This a complex, but easily implemented by the hackers, hoax, being run by cyber criminals right now. It is based around COVID-19 home testing kits and the subsequent results. Cybercriminals are exploiting COVID-19 tests in phishing attacks – TechRepublic Phishing Emails The vector for the attack is primarily through email …

Continue reading “Be aware of COVID-19 testing scams – get trained to deal with these threats”

16 January 202218 January 2022

Access to stolen credit card data stopped

A darknet website, UniCC, that since 2013, has sold stolen credit card information to criminals is closing. But not because of international police co-operation but because the criminals running it are retiring! How much is their estimated retirement fund? £260m. Largest darknet stolen credit card site closes – BBC News …

Continue reading “Access to stolen credit card data stopped”

2 January 202224 May 2023

Log4j and open source software security – Google Cloud report

If you are involved in software development or use open source software, this article from the Google Cloud team, makes for interesting reading and can add some clarity to using this type of resource. Cloud CISO Perspectives: December 2021 | Google Cloud Blog

29 December 202131 December 2021

Log4j updates

Latest update about Log4j from SANS Internet Diary. Log4j 2 Security Vulnerabilities Update Guide – SANS Internet Storm Centre

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.