The "Insta-Wellness" scams
negativepid.blog/the...
#Instagram #wellness #scams #onlineScams #fraud #internetFraud #identityTheft #onlineIdentity #romanceScams #financialScams #socialMedia #accounts #negativepid
image of sans internet stormcenter logo with stormcast flair
SANS Stormcast Monday, March 9th, 2026: YARA-X Update; IP Camera Targeting; Node.js Upgrades; nginx UI Vuln
https://isc.sans.edu/podcastdetail/9840
Graph from NetBlocks showing network connectivity in Iran from 24 February 2026 to 9 March 2026. The y-axis represents normalized connectivity, ranging from 0% to 100%, and the x-axis represents the dates. The green line representing Iran's connectivity is high through the initial time period, with a sharp drop on the morning of 28 February. The continued drop in connectivity aligns with a nation-scale internet blackout imposed by authorities after joint military strikes by the US and Israel. The minimum and current connectivity levels are indicated as 1% and 1%, respectively. The chart has a dark background with a red horizontal arrow labeled 'SHUTDOWN' indicating the disruption period, and the NetBlocks logo in the lower left corner with the Mapping Internet Freedom slogan.
⚠️ Update: #Iran's internet blackout has entered its tenth day with connectivity at 1% of ordinary levels after the 216th hour.
As regional hostilities intensify, some 90 million Iranians are silenced and cut off from the global internet under a state-imposed shutdown.
Russian state hackers are carrying out a global campaign to compromise Signal and WhatsApp accounts belonging to government officials and military personnel, Dutch intelligence warned Monday.
Israeli Air Force images posted on March 3 show a bomb not previously seen in Israeli service, reportedly from jets involved in strikes on Iran. Experts say the bombs appear to have an incendiary component and may be meant to destroy chemical or biological agents.
www.bellingcat.com/news/2026/03...
-White House releases new Cyber Strategy
-New Trump EO prioritizes fight against scams and cybercrime
-Chinese hackers breach FBI wiretap network
-Romania's largest meat exporter enters insolvency after ransomware attack
Podcast: risky.biz/RBNEWS535/
Newsletter: news.risky.biz/risky-bullet...
Iran's Fars News Agency confirmed that the country's military intentionally targeted AWS data centers in the region to see if they played a role in supporting the US military's attacks.
Strikes hit AWS data centers in Bahrain and the UAE, and a Microsoft data center
t.me/farsna/41529...
"both pro- and anti-Kremlin bloggers from Russia started referring to Mr. Trump’s plan as “Tehran in three days.” It was a reference to “Kyiv in three days,” the ironic shorthand used to describe the Kremlin’s hubris in believing that Ukraine would quickly crumble."
www.nytimes.com/2026/03/08/u...
Pakistan's main APT group has switched from off-the-shelf low quality malware tools to vibe-coded custom malware
businessinsights.bitdefender.com/apt36-nightm...
It is true that Proton is located in Switzerland and responded to a legal request from the Swiss authorities. But it is also true that most people do not know what an MLAT is and there is a widespread misunderstanding that using Proton will protect your account from US govt requests.
Reverse-engineered Coruna - a nation-state iOS exploit kit - from raw JavaScript. 28 modules + MUCH MORE!
www.nadsec.online/blog/coruna
www.nadsec.online/blog/coruna-...
(technical analysis more interesting, read coruna blog post first, technical analysis looks better on github, link on-site)
"A formerly legitimate Featured Chrome extension (ShotBird) was turned into a remote-controlled malware channel after an apparent ownership transfer"
Curious if this is another case of an extension being sold on ExtensionHub again? A place to watch...
monxresearch-sec.github.io/shotbird-ext...
U.S. Central Command today warned civilians in Iran to stay indoors as airstrikes against Iranian weapons systems continue. How likely it is that civilians will get that warning in a country without internet, however, is unclear www.nytimes.com/2026/03/08/u...
This map feels like a metaphor for how we live our lives. We carefully step around conflicts (that are in no way inevitable in the first place) and carry on with our banalities. I’m not saying we shouldn’t but it does feel representative of our condition.
Read our analysis of the video showing a US Tomahawk missile strike next to Girls’ School in Iran on February 28 here: www.bellingcat.com/news/2026/03...
Graph from NetBlocks showing network connectivity in Iran from 24 February 2026 to 8 March 2026. The y-axis represents normalized connectivity, ranging from 0% to 100%, and the x-axis represents the dates. The green line representing Iran's connectivity is high through the initial time period, with a sharp drop on the morning of 28 February. The continued drop in connectivity aligns with a nation-scale internet blackout imposed by authorities after joint military strikes by the US and Israel. The minimum and current connectivity levels are indicated as 1% and 1%, respectively. The chart has a dark background with a red horizontal arrow labeled 'SHUTDOWN' indicating the disruption period, and the NetBlocks logo in the lower left corner with the Mapping Internet Freedom slogan.
200 hours.
As @jdoubledaywfed.bsky.social first reported federalnewsnetwork.com/cybersecurit... Shelly Hartsook, the head of CISA's capacity building branch, is leaving the government today, per three sources.
CB provides centralized cyber services to other agencies, including CDM, VDP, and protective DNS.
There have been some very bad developments today.
A court record reviewed by 404 Media shows privacy-focused email provider Proton Mail handed over payment data related to a Stop Cop City email account to the Swiss government, which handed it to the FBI.
www.404media.co/proton-mail-...
Sony are testing out 'dynamic pricing' on PlayStation Store, where it varies the pricing per customer. When you log in some prices go up. Crazy, this one will need regulation.
😂
The White House finally released its 7-page cybersecurity strategy. It includes "Americans re-elected President Trump," "President Trump's leadership" and "President Trump's actions," the last of those four times. It does not mention the leaderless Cybersecurity and Infrastructure Security Agency.
News: U.S. investigators believe Chinese hackers are behind a cyber intrusion on an internal FBI computer network that holds information related to some domestic surveillance orders, in what would be the latest Chinese compromise of wiretap systems www.wsj.com/politics/nat...
This is what happens when you prioritize loyalty and sycophancy over competency.
"Since the start of the war, Iran has fired at least 380 missiles and over 1,480 drones targeting the five Arab Gulf countries, according to an AP tally based on official statements."
apnews.com/article/iran...
The DomainTools security team has published a comprehensive report on the current 2026 infrastructure of Russian disinformation group Doppelgänger (aka RRN) and their latest operational priorities
They also have a new RSS feed, so update that too
dti.domaintools.com/research/dop...
Iranian authorities have threatened to arrest citizens who connect to the internet in defiance to a communications blackout imposed by the state.
Iranian police sent SMS warnings to all citizens earlier this week.
www.france24.com/en/live-news...
"The recent possible breach comes amid what some current and former officials say has been a diminishing of the FBI’s cybersecurity response capabilities..." www.cnn.com/2026/03/05/p...
You may look at a problem and think "Aha! The solution is to run my own email server." Now you have two problems, Google is marking all of your email as spam, an unknown number of threat actors using your server to spread malware because you forgot to patch something, and a small pile of subpoenas.
