| https://www.linkedin.com/in/eiwelingefors | |
| Twitter (inactive) | https://twitter.com/aienswede |
| Twittodon | https://twittodon.com/share.php?t=Alienswede&[email protected] |
Infosec leaders, what resources, white papers, blogs, research have you come across regarding what an appropriate size for an infosec team is at various types and sizes of companies?
I have seen some research from Gartner and CMU. But they mostly discuss huge orgs. I'm specifically interested in orgs around 800-1000 employees in a healthcare environment. So, HIPAA and troves of ePHI. Perhaps that helps.
Whatchu got? 😁
#infosec #informationsecurity #cybersecurity #staffing #teamsize #grc
I love that Reddit is doing an Ask Me Anything on their just-announced breach involving the phishing of employee credentials.
https://www.reddit.com/r/reddit/comments/10y427y/we_had_a_security_incident_heres_what_we_know/
I’ve been having a lot of health problems recently which make it difficult to do development work, on both client and personal apps. My last client who provided occasional work has just dropped me. I can’t really take on any big client work due to my health. I am screwed unless I can sell a lot more of my own apps. Can you help me? And boost this thread?
I will reply to this post with links to some of my apps that I think some people might find useful. iOS developers should love some of them.
A threat actor is offering a service in which they let customers search for keywords across over a thousand hacked mailboxes which likely belong to corporations.
I suspect this sort of service will gain traction in coming years as hacked corporate mail access is relatively common yet not often easily monetizable.
This would allow threat actors to harvest as many webmails as they can via info-stealer infections & brute-forcing and let sophisticated groups attempt to find secrets/credentials that would allow them to perform ransomware attacks, data breaches, etc.
Second image is from www.hudsonrock.com showing the incredible amount of Office 365 credentials that are in the hands of hackers because of employees downloading info-stealers.
current flimflam levels are 82%
(82%) ■■■■■■■■□□
Useful thread over on Twitter if you're looking for work:
Layoffs are ripping through tech as a whole and infosec teams are being hit hard. Last September, I was personally let go from an organization that laid off its entire US-based cybersecurity team. 🙄
The people pulling those levers are thinking that "nothing bad has happened yet, so why do we need these expensive folks?". Such a classic failure in reasoning.
Bad actors don't take a break just because the economy is struggling. I expect that the number of breaches will go up in the short term as companies with weakened security teams become easier targets. It's going to be a bumpy ride.