I can't sit down for 2 seconds without some crazy shit happening the past few days. One of y'all's mfers needs to hit the pause button or something wtf bro

I'm on mobile, but if I had an angry cat picture readily available I'd post it

Thank you, Riverbank, for sending me an angry cat picture. But it's too late. No one gets a cat picture

Bro, I've got people messaging me saying they're worried they're in the Discord leaks and if their photo and/or drivers license is leaked they're going to kill themselves because it'll out them for being gay, or it'll potentially expose them to stalkers again

Wtf

This Discord Zendesk compromise has gotten more silly.

Previously, the Threat Actors responsible for the Discord Zendesk compromise claimed they had gotten access by compromising a BPO (Business Process Outsource) employee.

They were not lying.

It turns out that in August the Threat Actors who compromised Discord began sending emails to Discord outsourced employees offering them money in exchange for access to Discords internals.

The people they emailed was a very small team located in Southeast Asia. This particular office only has a handful of employees assigned to working Discord helpdesk (including age verification). This team is assigned to primarily handle back log work. This team had a great deal of access and were believed to be "trusted".

One of the emails this small team received offered $500 compensation to prove they're a Discord BPO employee. They offered an additional "several thousand dollar" lump sum payment in exchange for giving them access.

The Discord BPO employees were told to ignore the emails. Unfortunately, it appears one of these BPO employees did not ignore the emails and accepted the bribe.

$500 in this Southeastern Asian country is an astronomical amount of money. The "several thousand dollar" lump sum payment would be enough for this person to live comfortably for several years in their country.

BreachedForum-dot-hn, the latest incarnation of Breached, has been seized by the United States Federal Bureau of Investigation.

It wasn't even alive for a month. God damn. FBI moving fast

It should be noted this is not the first time Insider Threats have damaged a company. Most notably, Coinbase had a problem with a BPO accepting bribes to get access to Coinbase internals.

Likewise, ransomware groups have historically looked for Insider Threats to get access

Chat, it's been another wonderful week of internet schizophrenia.

Will the Discord Zendesk nerds drop more data and cause more drama? What will happen to the BreachForum domain now that it's been seized? Will a new one appear? What the fuck happened to that RedHat data? How did the FBI seizure Breached so fast? Who is doing these massive DDoS attacks? How did the NCA UK arrest the pre school ransomware Threat Actors so fast? I had 12 tacos covered in hot sauce and my tummy hurts. Will I ever learn?

Find out next time on Dragon Ball Z

I just learned it's Thursday, not Friday

Shuffle, the cryptocurrency based online casino, announced a security breach as a result of a 3rd party being compromised.

The 3rd party which was compromised is Fast Track. Fast Track is a CRM (Customer Relation Software) for managing things such as customer support tickets.

Shuffle has stated the 3rd party compromise has resulted in the exfiltration of the following data:
- Email
- Name (Full name not specified)
- Addresses (Unspecified in crypto address or physical)
- Transactions (Unspecified historical or specific)
- Bet data

This is eerily similar to the recent Discord Zendesk 3rd party compromise.

Dawg, if it comes out that this online casino was compromised as a result of an Insider Threat (bribery), I'm going to lose my mind

Whoa whoa whoa. Interesting update.

Yesterday Discord silently updated their breach notification press release.

They name dropped the BPO.

Why? 🤔

https://discord.com/press-releases/update-on-security-incident-involving-third-party-customer-service

Part of me wonders if since I posted the compromise was the result of a BPO they decided to release more details on it.

Or maybe it's completely unrelated and just a coincidence, but it was unveiled at the same time

Probably just a coincidence, but I like to hope

"The weird stinky goth cat malware people said it was a BPO, we can say the public knew first. Post it!!!!?"

(Would be hilarious)

I get messages around the clock from nerds

I get information on products, breaches, forum drama, Threat Actors, what cybersecurity companies are doing, etc

Sometimes I feel like I've got an international network of spies that feed me intelligence. It's fucking badass

Unironically, if it's not news or gossip, it's pictures of kitty cats. Basically, I'm living the dream

SLSH, DO NOT drop anything tonight. Have some common courtesy and release shit on Monday or something dawg. I do NOT want to have to deal with this shit on a weekend

Bro, c'mon. It's a fucking holiday weekend. Don't be like this. Wait until like, Tuesday or something. C'mon bro. You got all the time in the world to extort people

Dawg, Microsoft found a Threat Actor that compromised a company and modified the internal payroll system so when paychecks were scheduled to be deposited it went into THEIR accounts, NOT the employees.

That's fucking badass wtf I've never seen that before

I don't endorse crime, and I'm sorry people didn't get paid. But... bro, c'mon. That's fucking sick nasty. I've never seen that before. I'm so impressed.

YoUvE nEvEr HeaRd oF ThIs?

No, I haven't. I don't know everything. I'm not an omnipotent being. Let me enjoy something I just learned and let me enjoy sharing it with others.