"A Bureau of Meteorology scientist has failed to get his job back after he was sacked for secretly working overseas for several weeks while telling his bosses he was working from home."
A Darkdot article claims that DarkNetLive—one of the last standing news sites covering the dark web—was secretly acquired in November 2022 by Incognito, a darknet drug marketplace. Darkdot claims Incognito has been using the news site to suppress criticism and steer public perception in its favor.
"The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024 [...] Microsoft has identified the threat actor as Midnight Blizzard, the Russian state-sponsored actor also known as Nobelium." via @npub1cfcu...qe07
Cryptocurrency transactions linked to illicit activity accounted for $24.2 billion in 2023, down from the $29.6 billion all-time peak of 2022. The 2023 figure represents 0.34% of all cryptocurrency currently in circulation. Ransomware had a record year in 2023, but Chainalysis have not released an exact number. Ransomware payments accounted for $456.8 million the year before, in 2022. https://www.chainalysis.com/blog/2024-crypto-crime-report-introduction/
CISA says that threat actors are exploiting a vulnerability in Microsoft SharePoint servers. Tracked as CVE-2023-29357, the bug was patched in June of last year. The vulnerability is an elevation of privilege that can be chained with other SharePoint bugs to achieve remote code execution. Loads of technical write-ups and public PoCs on how to perform such attacks have been available online since September of last year.
Zscaler researchers look at DreamBus, a Linux-based botnet that has been active since 2019. Researchers say that over the past six months, the botnet has seen a resurgence after launching attacks against Metabase and Apache RocketMQ servers. The final payload is still a Monero miner, as before.
"North Korean hackers Lazarus Group have moved $1.2 million worth of their ill-gotten gains from a coin mixer to a holding wallet, marking their largest transaction in over a month." https://www.coindesk.com/business/2024/01/08/north-korean-hacking-group-lazarus-withdraws-12m-of-bitcoin-from-coin-mixer/
Talk about an overreaction: "Man Sues 27 Women, One Man, 20 Different Parts of the Facebook Corporation, Meta, Patreon, GoFundMe, and The Website arewedatingthesame.com After Facebook Users Call Him ‘Clingy’ and ‘Psycho’"
Software engineer Amir Boroumand has launched a tool named ContainerCVE that scans Docker Hub images for known vulnerabilities. https://containercve.com/