Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce

A whistleblower trapped inside a “pig butchering” scam compound gave WIRED a vast trove of its internal materials—including 4,200 pages of messages that lay out its operations in unprecedented detail...

Default credentials

Starting with Sametime 12, anonymous users are enabled by default. After logging in as an anonymous user, one has the ability to browse the User Directory and potentially create chats with internal users...

PT-2022-26437 · Ibm · Sametime

Name of the Vulnerable Software and Affected Versions: Sametime versions 12 and later Description: The issue allows anonymous users to browse the User Directory and potentially create chats with internal users after logging in. Recommendations: For Sametime version 12 and later, consider disablin...

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The pro-Ukraine member of the Conti ransomware gang who promised to eviscerate the extortionists after they pledged support for the Russian government has spilled yet more Conti guts: The latest dump includes source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s...

Uber: SAML Authentication Bypass on uchat.uberinternal.com

Due to improper SAML verification it was possible to bypass the OneLogin authentication on https://uchat.uberinternal.com and gain unauthorized access to internal chats. We enjoyed working with @mishre on this report and look forward to receiving more submissions from them in the future!...