Daily Updates / Recommended
Time | Source | Content |
---|---|---|
2022-05-29 05:35 | Hacking Articles | Domain Escalation: Unconstrained Delegation Introduction Post-Windows 2000, Microsoft introduced an option where users could authenticate to one system via Kerberos and work with another system. This was made possible The post Domain Escalation: Unconstrained Delegation appeared first on Hacking Articles. |
2022-05-29 05:09 | malware.news | Singapore touts need for AI transparency in launch of test toolkit New pilot framework and toolkit will enable businesses to demonstrate their “objective and verifiable” use of artificial intelligence, says the Singapore government, which hopes to drive transparency in AI deployments through technical and process checks. Article Link: Singapore touts need for AI transparency in launch of test toolkit - ZDNet |
2022-05-29 05:09 | malware.news | BAZARLOADER: Analysing The Main Loader This post is a follow up on the last one on BAZARLOADER. If you’re interested in how to unpack the initial stages of this malware, you can check it out here. In this post, we’ll cover the final stage of this loader, which has the capability to download and execute remote payloads such as Cobalt Strike and Conti ransomware. To follow along, you can grab the sample as well as the PCAP files for it on Malware-Traffic-Analysis.net. Step 1: Checking System Languages Similar to a lot of malware, BAZARLOADER manually checks the system’s languages to avoid executing on machines in Russia and nearby countries. It calls GetSystemDefaultLangID to retrieve the system’s default language and GetKeyboardLayoutList to iterate through the system’s keyboard layouts. For each of these languages, the malware checks if it’s valid using a bitmask. If the language identifier is greater than 0x43 or less than 0x18, it’s treated as valid and BAZARLOADER proceeds with its execution. If it’s in the range between 0x18 and 0x43, the dif |
2022-05-29 05:09 | malware.news | IT threat evolution in Q1 2022. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, in Q1 2022: 6,463,414 mobile malware, adware and riskware attacks were blocked. The largest share of all detected mobile threats accrued to RiskTool programs — 48.75%. 516,617 malicious installation packages were detected, of which: 53,947 packages were related to mobile banking trojans, and 1,942 packages were mobile ransomware trojans. Quarterly highlights In Q1 2022, the level of activity among cybercriminals remained roughly the same as it was at the end of 2021 when comparing the number of attacks on mobile devices. But in general, the number of attacks is still on a downward trend. Number of attacks targeting users of Kaspersky mobile solutions, Q1 2020 — Q1 2022 What |
2022-05-29 05:09 | malware.news | IT threat evolution Q1 2022 Targeted attacks MoonBounce: the dark side of UEFI firmware Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware scanner (integrated into Kaspersky products at the start of 2019). Further analysis revealed that the attackers had modified a single component in the firmware in a way that allowed them to intercept the original execution flow of the machine’s boot sequence and introduce a sophisticated infection chain. Our analysis of the rogue firmware, and other malicious artefacts from the target’s network, revealed that the threat actor behind it had tampered with the firmware to embed malware that we call MoonBounce. Since the implant is located in SPI flash on the motherboard, rather than on the hard disk, it can persist even if someone formats or replaces the hard disk. Moreover, the infection chain does not leave any traces on |
2022-05-29 05:09 | malware.news | IT threat evolution in Q1 2022. Non-mobile statistics These statistics are based on detection verdicts of Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures According to Kaspersky Security Network, in Q1 2022: Kaspersky solutions blocked 1,216,350,437 attacks from online resources across the globe. Web Anti-Virus recognized 313,164,030 unique URLs as malicious. Attempts to run malware for stealing money from online bank accounts were stopped on the computers of 107,848 unique users. Ransomware attacks were defeated on the computers of 74,694 unique users. Our File Anti-Virus detected 58,989,058 unique malicious and potentially unwanted objects. Financial threats Financial threat statistics In Q1 2022 Kaspersky solutions blocked the launch of at least one piece of malware designed to steal money from bank accounts on the computers of 107,848 unique users. Number of un |
2022-05-29 05:09 | malware.news | Printing insecurity: Tackling the threat of 3D printed guns in Europe The International Conference on 3D Printed Firearms, organised by Europol and the Dutch National Police (Politie) in the framework of EMPACT Firearms and hosted at the University of Leiden, saw some 120 participants from 20 countries address the latest challenges facing law enforcement in their efforts to tackle this threat. Over the course of two days (24-25 May 2022), the… Article Link: Printing insecurity: Tackling the threat of 3D printed guns in Europe - Europol |
2022-05-29 05:09 | malware.news | Firefox, Thunderbird, receive patches for critical security issues Mozilla has published updates for two critical security issues in Firefox and Thunderbird, demonstrated during Pwn2Own Vancouver. The vulnerabilities, discovered in the Firefox JavaScript engine (shared by the Firefox-based Tor browser) relate to Firefox 100.0.2, Firefox for Android 100.3.0, and Firefox ESR 91.9.1. For users of Thunderbird, the vulnerability there is in relation to Thunderbird 91.9.91. Additionally, there is some fallout beyond the standard versions of Firefox and Thunderbird. Users of the anti-surveillance Tails Operating System have been warned to stop using the bundled Tor browser until a fix goes live. This is because it could be potentially vulnerable to CVE-2022-1802: This vulnerability allows a malicious website to bypass some of the security built in Tor Browser and access information from other websites. For example, after you visit a malicious website, an attacker controlling this website might access the password or other sensitive information that you send to other websites afterw |
2022-05-29 05:09 | malware.news | Programming languages: How Google is improving C++ memory safety Google’s Chrome is looking to bring memory safety to Chrome’s C++ codebase. Article Link: Programming languages: How Google is improving C++ memory safety - ZDNet |
2022-05-29 05:09 | malware.news | Twitter fined $150M after using 2FA phone numbers for marketing The Federal Trade Commission (FTC) and the Department of Justice (DOJ) have ordered Twitter to pay a $150M penalty for using users’ account security data deceptively. The deception violates an FTC order from 2011, that bars Twitter from “misleading consumers about the extent to which it protects the security, privacy, and confidentiality of nonpublic consumer information, including the measures it takes to prevent unauthorized access to nonpublic information and honor the privacy choices made by consumers.” This penalty stemmed from a complaint the DOJ filed on behalf of the FTC against Twitter. From May 2013 to September 2019, Twitter asked users to provide an email address and contact number for security reasons, such as setting up two-factor authentication (2FA); password recovery; and for re-enabling full access to accounts thought to have been acting suspiciously. However, Twitter used it for another purpose: Targeted advertising. “As the complaint notes, Twitter obtained data from users on the pretext of har |
2022-05-29 05:09 | malware.news | Strapi releases update addressing two bugs that lead to data exposure Popular open source content management system (CMS) Strapi released patches addressing two vulnerabilities that would allow hackers to view private and sensitive data, such as email and password reset tokens. Strapi is known for its “headless” CMS, which means the front end and back end of the system are completely separate. Thousands of companies use the software, according to David Johansson, principal security consultant at Synopsys Software Integrity Group, which discovered the issues. While Strapi is less well-known than its competitors WordPress and Joomla, it is used by IBM, Walmart, NASA, Societe Generale and Delivery Hero among others. The vulnerabilities were discovered in November and Strapi initially patched CVE-2022-30617 that same month. But other issues were found, and another patch was issued for CVE-2022-30617 and CVE-2022-30618 on May 11. CVE-2022-30617 has a CVSS base score of 8.8 and CVE-2022-30618 has a score of 7.5. Johansson said Strapi has nearly 40,000 weekly downloads on NPM for its |
2022-05-29 05:09 | malware.news | Microsoft is rolling out these security settings to protect millions of accounts. Here's what's changing Microsoft’s ‘security defaults’ are getting a much bigger rollout. Article Link: Microsoft is rolling out these security settings to protect millions of accounts. Here's what's changing - ZDNet |
2022-05-29 05:09 | malware.news | [Control Systems] ABB security advisory (AV22-292) Article Link: [Control Systems] ABB security advisory (AV22-292) - Canadian Centre for Cyber Security |
2022-05-29 05:09 | malware.news | 5 Cybersecurity lessons to learn from Stranger Things Netflix’s original series ‘Stranger Things’ season-4 is on its way to a worldwide release today. As the plot deepens every season, viewers are rooting hard for their favourite characters. From [more] The post 5 Cybersecurity lessons to learn from Stranger Things appeared first on Checkmate. Article Link: https://niiconsulting.com/checkmate/2022/05/5-cybersecurity-lessons-to-learn-from-stranger-things/ |
2022-05-29 05:09 | malware.news | My impression of BlackHat Asia 2022 BlackHat Asia 2022 took place in Singapore’s Marina Bay Sands Expo & Convention Centre on the 12th and 13th of May. Whereas this is the usual location for BlackHat Asia, it was my first time visiting this edition, as well as my first visit to the country. In this blog I will share my impression … Article Link: My impression of BlackHat Asia 2022 – Max Kersten |
2022-05-29 05:09 | malware.news | Conversion Rate Optimisation Specialist (m/f/d) Malta, Skopje (Macedonia), Hannover (Germany) The Hornetsecurity Group is the leading cloud security provider in Europe, which protects the IT infrastructure, digital communication and data of companies and organizations of all sizes. Its services are provided worldwide via 11 redundantly secured data centers. The product portfolio covers all important areas of email security, including spam and virus filters, legally compliant archiving and encryption, as well as defense against CEO fraud and ransomware. With more than 350 employees, the Hornetsecurity Group is represented globally at several locations and operates in more than 30 countries through its international distribution network. The premium services are used by approximately 50,000 customers including Swisscom, Telefónica, KONICA MINOLTA, LVM Versicherung, DEKRA and CLAAS. Due to continued growth, we are looking for a driven and |
2022-05-29 05:09 | malware.news | How To Build a Trusted Cybersecurity Program Security leaders need to understand how the market perceives their cybersecurity; eroded trust can result in significant financial consequences. Here are 3 key stakeholders to build trust with. Article Link: How To Build a Trusted Cybersecurity Program - Bitsight |
2022-05-29 05:09 | malware.news | Huge Signed PE File: Keeping The Signature, (Sat, May 28th) In my diary entry “Huge Signed PE File” we stripped a huge PE file with signature like this: Article Link: InfoSec Handlers Diary Blog - SANS Internet Storm Center |
2022-05-29 03:51 | GitHub Following | Ice3man543 starred lal0ne/vulnerability Collects, organizes and modifies publicly available vulnerability PoCs from the internet |
2022-05-29 03:30 | hackone | CVE-2022-28738: Double free in Regexp compilation. Affected vendor: Internet Bug Bounty. Bounty: 4000.0 USD. Severity: high. |
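2022-05-29 01:13 | Knowledge Planet (知识星球) | Hacking automation is fun (w8ay): When grinding bug bounties with xscan, I sometimes think how nice it would be to have an asset management system for bug bounty! The system would record the various projects that have bug bounties and automatically do some information gathering and update monitoring. Building this requires knowing both front end and back end, which is probably too costly for most people. I have been writing Django recently and found that with Django's built-in... Attachment: django 写bugbounty平台.pdf |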
2022-05-29 00:11 | SecWiki Weekly | |
2022-05-28 23:51 | GitHub Following | christasa starred kwsch/PKHeX Pokémon Save File Editor |
2022-05-28 23:34 | Well-known Component CVE Monitor | CVE-2022-30349: A new vulnerable component has been found. Component ID: SiteServer. siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS). |
2022-05-28 23:11 | GitHub Following | huoji120 starred GhostPack/Seatbelt Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive securit… |
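2022-05-28 23:07 | Knowledge Planet (知识星球) | Riddled with Vulnerabilities (chybeta): The reason is shown in the picture; noting this down in passing: a record of slide decks from some security conferences. If you know other addresses, feel free to add them in the comments. 1. Topic list, Information Security Knowledge Base vipread.com 2. Hack Inn 3. https://infocon.org/cons/ 4. Black Hat ... |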
2022-05-28 22:11 | GitHub Following | lengjibo starred TheLartians/StaticHash Constexpr hash functions for C++ |
2022-05-28 22:11 | GitHub Following | lengjibo starred ch2sh/BatchGuard Batch file AV evasion and obfuscation solution |
2022-05-28 21:34 | Data Breach – Security Affairs | Reuters: Russia-linked APT behind Brexit leak website Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the EU, Reuters reported. According to a Google cybersecurity official and the former head of UK foreign intelligence, the “Very English Coop d’Etat” website was set up to publish private emails from Brexit supporters, including […] The post Reuters: Russia-linked APT behind Brexit leak website appeared first on Security Affairs. |
2022-05-28 19:38 | Knowledge Planet (知识星球) | Red Team Academy (none): With Symantec EDR present, after dumping the lsass process, using mimikatz cannot... |
2022-05-28 18:31 | GitHub Following | S3cur3Th1sSh1t forked S3cur3Th1sSh1t/KrbRelayUp from Dec0ne/KrbRelayUp KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). |
2022-05-28 18:11 | GitHub Following | |
2022-05-28 17:52 | Knowledge Planet (知识星球) | Code Audit Circle (轩墨): My first CMS as a beginner in code auditing. I spent a day on it and found some vulnerabilities. 华夏rep. Experts, please go easy on me. Attachment: 代码审计.pdf |
2022-05-28 16:31 | Recommended by Phithon | |
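2022-05-28 16:30 | Kanxue Forum | Go fuzzing and OSS-Fuzz: This article describes how to use OSS-Fuzz to fuzz some Go projects. OSS-Fuzz is a multi-engine fuzzing platform introduced by Google; it is built on Docker and supports continuous fuzzing for multiple languages. Google hopes to make fuzz testing (fuzzing), which feeds programs random input data, a standard part of open source development, ... |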
2022-05-28 15:50 | 90sec Community | |
2022-05-28 15:11 | GitHub Following | orangetw starred NixOS/patchelf A small utility to modify the dynamic linker and RPATH of ELF executables |
2022-05-28 15:10 | freebuf | LDAPFragger: a powerful command-and-control (C&C) tool. Helps researchers route Cobalt Strike beacon data using user attributes and LDAP. |
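2022-05-28 13:10 | freebuf | Web security basics: Cross-Site Request Forgery (CSRF) [Original] It is one of the common web attacks, and CSRF is also one of the most easily overlooked attack types in web security. Yet CSRF can at times be highly destructive. |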
2022-05-28 12:11 | GitHub Following | uknowsec starred Mr0x01/WXDBDecrypt.NET WeChat PC database decryption tool, .NET version |
2022-05-28 11:31 | GitHub Following | CHYbeta starred zijie0/HumanSystemOptimization Healthy learning until age 150 - an incomplete guide to tuning the human system |
2022-05-28 11:10 | freebuf | Metastealer takes over from Racoon stealer for data theft. MetaStealer is a newly emerged information-stealing malware that aims to fill what Racoon stealer ceasing operations in March 2022 left... |
2022-05-28 10:52 | Knowledge Planet (知识星球) | Code Audit Circle (听风吹过): Question: Experts, is there a way to bypass the XSS handling in the following code? function cleanValue($val) { if ($val == "") return $val; //Replace od... |
2022-05-28 10:51 | GitHub Following | pandazheng starred Finch4/Malware-Analysis-Reports My Malware Analysis Reports |
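2022-05-28 09:10 | freebuf | FreeBuf Weekly: VMware acquired by semiconductor giant Broadcom; new Zoom vulnerability emerges. Semiconductor giant Broadcom acquires virtualization giant and cloud computing company VMware for USD 61 billion. |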
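2022-05-28 08:10 | freebuf | Protocol-layer security: "HTTP Request Smuggling and CTF Exploitation" [Original] While working through challenges recently I ran into HTTP request smuggling problems several times, but I had hardly touched the topic before; the only time was in GKCTF2021--hackme, where I used CV... |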
2022-05-28 06:39 | Packet Storm | Exploiting Persistent XSS And Unsanitized Injection Vectors For Layer 2 Bypass And COOLHANDLUKE Protocol Creation This whitepaper demonstrates leveraging cross site scripting and polyglot exploitation in an exploit called COOLHANDLUKE to violate network segmentation / layer 2 VLAN policies while routing and sending a file between isolated, air gapped networks without a router. This issue affects HPE Procurve, Aruba Networks, Cisco, Dell, and Netgear products. |
2022-05-28 05:39 | malware.news | Improving SOC Workflows with Cybereason Role-Based Incident Response Security Operations Centers (SOCs) are the first line of defense for businesses when responding to cyber attacks. But with SOC teams struggling to find skilled resources coupled with the increasing volume and sophistication of attacks, Defenders must have a well-defined incident response workflow. The Cybereason Defense Platform offers multi-tenancy capabilities to enable SOC teams to divide workflows based on roles: Article Link: Improving SOC Workflows with Cybereason Role-Based Incident Response |
2022-05-28 05:39 | malware.news | How Secure Is Video Conferencing? As millions of people around the world practice social distancing and work their office jobs from home, video conferencing has quickly become the new norm. Whether you’re attending regular work meetings, partaking in a virtual happy hour with friends, or catching up with extended family across the globe, video conferencing is a convenient alternative to many of the activities we can no longer do in real life. But as the rapid adoption of video conferencing tools and apps occurs, is security falling by the wayside? Avoid Virtual Party Crashers One security vulnerability that has recently made headlines is the ability for uninvited attendees to bombard users’ virtual meetings. How? According to Forbes, many users have posted their meeting invite links on social media sites like Twitter. An attacker can simply click on one of these links and interrupt an important conference call or meeting with inappropriate content. Ensure Data is in the Right Hands Online conferencing tools allow users to hold virtual meeting |
2022-05-28 05:39 | malware.news | Scams targeting NFT investors – Week in security with Tony Anscombe As with everything digital, there's someone, somewhere devising a method to steal the assets away from their rightful owners The post Scams targeting NFT investors – Week in security with Tony Anscombe appeared first on WeLiveSecurity Article Link: Scams targeting NFT investors – Week in security with Tony Anscombe - WeLiveSecurity |
2022-05-28 05:39 | malware.news | Cybersecurity: A global problem that requires a global answer New and exacerbated cyber-risks following Russia’s invasion of Ukraine are fueling a new urgency towards enhancing resilience The post Cybersecurity: A global problem that requires a global answer appeared first on WeLiveSecurity Article Link: Cybersecurity: A global problem that requires a global answer - WeLiveSecurity |
2022-05-28 05:39 | malware.news | CISA adds 75 actively exploited bugs to its must-patch list in just a week Patch these security flaws if the software is still running on your systems, the US cybersecurity authority has warned. Article Link: CISA adds 75 actively exploited bugs to its must-patch list in just a week - ZDNet |
2022-05-28 05:39 | malware.news | Igor’s tip of the week #91: Item flags When changing operand representation, you may need to check what are the operand types currently used by IDA for a specific instruction. In some cases it is obvious (e.g. for offset or character type), but the hex and default, for example, look exactly the same in most processors so it’s not easy to tell them apart just by look. To check the current flags of an instruction (or any other address) in the database, use View > Print internal flags (hotkey F). When you invoke it, IDA prints flags for the current address to the Output window. It only prints info about non-default operand types — the default ones are omitted (except for suspicious operands which are printed as void). code and flow are generic instruction flags: they mean that the current item is marked as code (instruction) and the execution reaches it from the previous address (this is the case for most instructions in the program). Whenever IDA prints information about the second operand (number 1 since they are counted from 0), the operands 2,3 |
2022-05-28 05:39 | malware.news | Android apps with millions of downloads exposed to high-severity vulnerabilities Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks. The vulnerabilities, which affected apps with millions of downloads, have been fixed by all involved parties. Coupled with the extensive system privileges that pre-installed apps have, these vulnerabilities could have been attack vectors for attackers to access system configuration and sensitive information. As it is with many of pre-installed or default applications that most Android devices come with these days, some of the affected apps cannot be fully uninstalled or disabled without gaining root access to the device. We worked with mce Systems, the developer of the framework, and the affected mobile service providers to solve these issues. We commend the quick and professional resolution from the mce Systems engineering teams, as well as the relevant p |
2022-05-28 05:39 | malware.news | FBI warns US colleges of widespread VPN credential leaks on Russian cybercrime forums Russian cybercrime forums are teeming with the network credentials and virtual private network accesses of employees from U.S. colleges and universities, according to a new alert from the FBI. This week, the FBI said U.S. college and university credentials are being advertised widely across cybercrime forums. In May 2021, the FBI says it found more than 36,000 email and password combinations for email accounts ending in .edu publicly available on instant messaging platforms frequented by cybercriminals. According to the FBI, most of the credentials stem from spear-phishing, ransomware or other cyberattacks on U.S. colleges and universities that have become more prevalent over the years. When contacted about cyberattacks and ransomware incidents, U.S. colleges and universities often claim that there is no evidence of data theft or sale. But Emsisoft threat analyst Brett Callow, a ransomware expert tracking attacks on universities and K-12 schools, said 10 of the 13 attacks on colleges this year involved data e |
2022-05-28 05:39 | malware.news | Tools to Identify Exfiltration of Large Cryptocurrency Holdings Will Reduce Risk of Large Cyberattacks and Fraud on DeFi Platforms Synopsis The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity. This incentivizes threat actors to transfer assets out of DeFi platforms and into traditional markets after successfully stealing cryptocurrency. Centralized markets contain strong controls including Know Your Customer (KYC), Anti Money Laundering (AML), and other standards specifically designed to strip away anonymity and additional information to identify asset owners. A focus on identification and tracing of illicit assets leaving DeFi systems provides key cryptocurrency threat intelligence to analysts trying to determine attribution and deter threat actors. This report looks at some different paths available to threat actors for obfuscating cryptocurrency assets. Back |
2022-05-28 05:39 | malware.news | Cybersecurity lessons for after Roe from the frontlines of bodily autonomy The leak of a Supreme Court opinion draft overturning Roe v. Wade earlier this month and a wave of state-level laws in the U.S. radically limiting abortion are forcing many Americans to re-examine the relationship between their digital privacy and the ability to make their own health decisions. But marginalized groups have already been navigating those challenges and learning hard fought lessons about cybersecurity — including sex workers whose labor is often criminalized; queer people also targeted by state-level laws pushed by conservative U.S. legislators; and reproductive rights activists overseas. “The decisions around one’s body should always be private, but when the right to reproductive health is blocked by civil and state initiatives, when people can even get chased, privacy becomes key not only to reproductive rights but to the integrity of that person,” said Angela Alarcón, a campaigner at international digital rights nonprofit Access Now. The right for people to control what happens to their own b |
2022-05-28 05:38 | malware.news | CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks Agency officials identified a lack of guiding standards for determining and mitigating risk from certain implementations of the technology and advised agencies to proceed with caution, employing penetration tests accordingly. Article Link: CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks - Nextgov |
2022-05-28 05:38 | malware.news | Man who helped Infraud cybercrime cartel steal millions of credit cards sentenced A Brooklyn resident was sentenced to four years in federal prison this week after pleading guilty to being an integral member of the Infraud Organization, a cybercrime cartel that stole over four million credit and debit card numbers and cost victims more than $568 million dollars. John Telusma – a 37-year-old who went by “Peterelliot” online – is the 14th member of the Infraud gang to be charged in connection to the group’s activities, which the Justice Department said involved the “mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, computer malware, and other contraband.” Telusma joined Infraud in August 2011 and spent more than five years helping the group monetize their credit card theft. The group spent years marketing troves of stolen bank account information, PayPal accounts and more that gave members free rein to buy flights and concert tickets. “Telusma was among the most prolific and active members of the Infraud Organization, pu |